Infamous Hacking Group Lazarus Stole $571 Million in Crypto on 14 Occasions
Infamous Hacking Group in North Korea Stole $571 Million in 14 Separate Hacks
Lazarus has been running the hacking game in North Korea for quite a while, and has lately been attacking cryptocurrencies in an effort to turn a profit. They have succeeded greatly in their goals since July 2017, considering that a recent report showed they’ve brought in $571 million as a result. However, this wasn’t just one or two hacking projects; the sum was collected through 14 separate hacks of cryptocurrency exchanges around the world.
This news supports the allegations made by South Korean officials in February that hackers from North Korea had been stealing tens of millions of dollars in cryptocurrency in 2017. South Korea’s National Intelligence Service had commented that the thefts were carried out through phishing scams and other methods involving criminal activity. The authorities were examining whether these hackers were the same ones responsible for the hack that affected Coincheck, stealing $500 million. However, they did not bring up Lazarus’s name.
Group-IB has also examined these thefts, finding that $882 million in cryptocurrency was stolen from exchanges as a whole from 2017 to 2018, based on a summary of the report. If that number is accurate, then Lazarus is potentially responsible for over 60% of the thefts performed during that time.
The security provider believes that the industry should expect to see more attacks in the future, and that hackers who typically go after traditional financial institutions will find value in seeking out cryptocurrency wealth. In the summary of the report, the group also looked at the methods the hackers used for the attacks, which included spear phishing, social engineering, and malware.
According to TheNextWeb,
“Spear phishing remains the major vector of attack on corporate networks. For instance, fraudsters deliver malware under the cover of CV spam with an attachment that has a malware embedded in the document.”
The summary explains that after the local network is successfully compromised, the hackers browse it to find workstations and servers used for working with private cryptocurrency wallets.
“Phishing also seems to be the most common attack for funds raised with ICO platforms. In fact, Group-IB alleges that the hackers managed to steal 10% of the overall fundraising collected.”
As a warning to consumers, Group-IB says that hackers could find mining pools to be a tempting source of profit. Bad actors have the potential to use 51% attacks to gain control over networks, which is something that has happened to a few different cryptocurrency projects this year. In a quote from TheNextWeb, Group-IB said,
“In 2017, no successful 51-percent attacks were detected, but they are now happening more often. In the first half of 2018, five successful attacks were registered with direct financial losses ranging from $0.55 million to $18 million.”