According to the FBI, the group was involved in other crypto-related heists.
A sub-cluster of Lazarus Group was observed employing tools for cyberattacks in South Korea.
North Korean cybercrime group Lazarus Group is again accused of a crypto attack. The Federal Bureau of Investigation (FBI), the principal federal law enforcement agency of the U.S., recently identified the organization as being behind the $41 Million theft from Stake, the largest cryptocurrency casino. The hackers moved funds in Bitcoin (BTC), Ethereum (ETH), BSC Chain and more.
Lazarus Group Is Actively Exploiting Crypto Markets
According to the official press release, ‘The FBI has confirmed that this theft took place on or about September 4, 2023, and attributes it to the Lazarus Group (also known as APT38) which is comprised of DPRK cyber actors.’ The agency also says the group has been part of other crypto-related heists.
Lazarus Group has raked in over $200 Million in 2023 so far. These hacks include attacks on payment services Alphapo and CoinsPaid and on the non-custodial wallet service Atomic Wallet. The North Korean hackers looted almost $100 Million from Atomic Wallet alone in June 2023.
The agency also reported the attackers were part of hacks involving Harmony’s Horizon Bridge and Sky Mavis’ Ronin Bridge. The latter is considered among the biggest hacks of the crypto industry.
Additionally, the FBI appears determined to keep pursuing the illicit activities of the North Korean hackers. The agency writes, “The FBI will continue to expose and combat the DPRK’s use of illicit activities to generate revenue for the regime, including cybercrime and virtual currency theft.”
North Korean Group Targets South Korean Organizations
Recently, Bleeping Computer, a technology news provider, reported that the Lazarus Group tried to exploit vulnerabilities to breach entities in the United States and the United Kingdom and infect them with QuiteRAT and CollectionRAT, types of trojan malware.
In other news, a sub-cluster of Lazarus Group named Andariel, also known as Nickel Hyatt or Silent Chollima, was observed employing tools for cyberattacks in South Korea.
According to AhnLab, a security service provider in South Korea, “The Andariel group is one of the most active threat groups targeting Korea along with Kimsuky and Lazarus. The group launched attacks to gain information related to national security in the early days but now carries out attacks for financial gains.”
In September 2022, the FBI warned citizens to stay clear of cybercriminals exploiting decentralized finance (DeFi) ecosystems. They explained that bad actors are leveraging smart contract vulnerabilities to steal cryptocurrencies. According to blockchain analysis company Chainalysis, over $1 Billion in crypto went down the drain between January and March 2022.
Crypto is an emerging and volatile market. Regulators in several countries are evaluating the risks and benefits associated with crypto markets, while nations including El Salvador and the Central African Republic (CAR) are using crypto as legal tender.