North Korean Hacking Syndicate ‘Lazarus’ Responsible for $571 Million in Stolen Cryptocurrency

Lazarus is reportedly behind most of the cryptocurrency exchange hacks since January 2017. The notorious North Korean hacking syndicate has stolen $571 million in 14 different cyber attacks against exchanges during the period.


Spear Phishing: A Firm Favorite of Cryptocurrency Hackers

On Saturday, Live Bitcoin News published a report based on findings from the Moscow-based cyber security firm Group-IB, which showed $882 million worth of cryptocurrency lost via exchange hacks and ICO scams. Of this figure, the North Korean hacking group reportedly orchestrated the theft of more than 64 percent in 14 different hacks.

According to the report, spear phishing remains a popular attack vector for the group as well as other hackers. A portion of the report reads:

Spear phishing remains the major vector of attack on corporate networks. For instance, fraudsters deliver malware under the cover of CV spam [with an attachment] that has a malware embedded in the document.

Apart from spear phishing exploits, hackers also use a variety of social engineering and malware vectors to steal cryptocurrency. For its part, Lazarus is linked to many cyber attacks against individuals, businesses, and government agencies around the globe.

Lazarus Leading North Korea’s Global Cyber Warfare

Recently, Live Bitcoin News also reported on how the group was using macOS malware to attack cryptocurrency exchange platforms. According to Kaspersky Lab, the malware could infect both Windows and macOS computers.

Earlier in the year, McAfee Advanced Threat Research published a report which showed coordinated attacks under a hacking campaign called “Operation GhostSecret” carried out by Hidden Cobra, the other name for Lazarus. The campaign targets critical sectors in other countries, stealing sensitive data.

Researchers at McAfee say GhostSecret’s mode of operation mirrors that used in the WannaCry attack of 2017 and the Sony Pictures hack of 2014. Reports indicate that the Lazarus group began its hacking operations in 2009, with the United States and South Korea as its first victims.

Part of the Plan to Evade Sanctions

Some experts believe that countries like Iran, Venezuela, and North Korea are turning to cryptocurrencies as a means of circumventing US-led economic sanctions. While the former two use means like creating a national cryptocurrency or using established virtual currencies, North Korea appears to be taking things several notches further with coordinated state-sponsored cyber attacks against businesses within and outside the virtual currency industry.

In the aftermath of the Coincheck hack in January 2018, the South Korean Intelligence Service accused North Korean hackers of being responsible for the cyber attack. More than $530 million in NEM tokens was stolen during the Coincheck hack.
