North Korean Lazarus Group Used LinkedIn and Social Engineering To Steal $3.4B
Created 1yr ago, last updated 1yr ago

The Lazarus Group of North Korean hackers allegedly stole over $3.4 billion in cryptocurrencies in a series of heists dating back to 2007.

North Korea's Lazarus Group Used Social Engineering For Hacking Attacks

The Lazarus Group of North Korean hackers allegedly stole over $3.4 billion in cryptocurrencies in a series of heists dating back to 2007. Among these are the $100 million hack of Harmony's Horizon bridge in 2022, the $35 million Atomic Wallet hack this year, the recent $54 million CoinEx exchange hack, the $41 million heist from crypto casino Stake, and more.

Notably, the group uses the professional networking platform LinkedIn for its social engineering and phishing attacks.

In 2019, Lazarus targeted European and Middle Eastern military and aerospace companies as part of Operation In(ter)ception. The group duped employees by publishing job postings on platforms such as LinkedIn and encouraging applicants to download a PDF file containing a malicious executable file. By using social engineering and phishing techniques, the group misled victims into compromising their own security, which allowed the attackers to exploit weaknesses in the victims' systems and steal critical information.

Lazarus used identical strategies in its six-month campaign against cryptocurrency payments company CoinsPaid, which resulted in a $37 million robbery in July. The group distributed bogus job offers to engineers and carried out technical attacks such as distributed denial-of-service (DDoS) and brute forcing, in which attackers try multiple passwords until they obtain access.

The Lazarus Group is well known for exploiting zero-day vulnerabilities, distributing malware, and participating in theft, espionage, and disruption. The US Treasury Department sanctioned the group in 2019, publicly tying it to North Korea's Reconnaissance General Bureau and attributing its operations to funding the country's nuclear weapons programme.
