North Korean Hacker Group Stole $571 Million in Crypto Attacks This Year
Lazarus was behind 14 hacking attacks on cryptocurrent exchanges since January 2017 — stealing $571 million.
Photo for representation (Reuters)
San Francisco: Amid growing crypto-jacking episodes, a North Korean hacking group called Lazarus has stolen cryptocurrencies worth more than half a billion dollars.
According to The Next Web that cited findings from the annual report of cybersecurity vendor Group-IB late on Friday, Lazarus was behind 14 hacking attacks on cryptocurrent exchanges since January 2017 — stealing $571 million.
Lazarus is a hacking group which has been linked to a string of attacks against everything from banks to government agencies across the world.
Hackers targeted cryptocurrency exchanges with spear phishing, social engineering and malware.
"Spear phishing remains the major vector of attack on corporate networks. For instance, fraudsters deliver malware under the cover of CV spam [with an attachment] that has a malware embedded in the document," the findings showed.
Group-IB expects the number of targeted attacks on cryptocurrency exchanges to rise, and not just the ones from Lazarus. Nearly 10 per cent of the total funds raised by Initial Coin Offering (ICO) platforms over the past year and a half have been stolen.
According to the report, large phishing groups are capable of stealing $1 million a month. Fraudsters are even building fake websites using stolen cryptocurrency project descriptions and plagiarized white papers.
"Fraudulent phishing-schemes involving crypto-brands will only get more complex as well as cybercriminals' level of preparation for phishing attacks," the group warned.
Security researchers have claimed that North Korea-based advanced persistent threat (APT) groups are increasingly attacking financial institutions and Bitcoin exchanges.
There were on average five new threat samples every second that resulted in a massive 629 per cent growth in cryptojacking and other cryptocurrency mining malware in the first quarter of 2018.
The coin miner malware grew a stunning 629 per cent to 2.9 million in the first quarter of 2018, from around 400,000 total known samples in Q4 2017, said a recent report from global cyber security firm McAfee.
The Lazarus cybercrime group launched a highly sophisticated Bitcoin-stealing phishing campaign — HaoBao — which targeted global financial organisations and Bitcoin users.
When recipients open malicious email attachments, an implant would scan for Bitcoin activity and establishes an implant for persistent data gathering and crypto mining.
Get the best of News18 delivered to your inbox - subscribe to News18 Daybreak. Follow News18.com on Twitter, Instagram, Facebook, Telegram, TikTok and on YouTube, and stay in the know with what's happening in the world around you – in real time.
Recommended For You
- Akshay Kumar Trolled for Seven-year-old Comments, Sonakshi Sinha Defends Him
- Sorry Pixel 4 But iPhone Users Can Get Free Unlimited Storage on Google Photos
- Google Pixel 4 Face Unlock is so Unsecure, You May as Well Not Bother Using it
- Disha Patani and Tiger Shroff Add Star Power to ISL 2019-20 Opening Ceremony
- 'Only Lionel Messi' Thread on Twitter Proves Why He is the Best in Football