Lazarus, a North Korean hacking group, is reportedly ratcheting up its efforts to steal cryptocurrency amid North Korea’s financial difficulties as a result of the COVID-19 pandemic and the financial sanctions imposed on the nation.
“The APT (adaptive persistent threats) hacking group Lazarus, which is allegedly sponsored by a certain government [North Korea], is increasingly engaging in cybercrime activities in and out of South Korea,” according to an Apr. 27 press release from ESTsecurity, a cyber security firm located in Seoul.
Lazarus is the notorious hacking group responsible for the 2014 Sony Pictures hack and the 2016 Bangladesh Bank cyber heist.
According to the press release, the primary targets of these attacks are people who have traded cryptocurrencies, such as Bitcoin, and those who work in the cryptocurrency field. The company warned that these attacks could lead to financial damage.
“Lazarus is carrying out APT attacks not only in South Korea but also in the international sphere, including the USA,” the ESTsecurity press release explained. “They’re also engaging in cyber-espionage operations as well as activities designed to generate foreign currency.”
The press release also went on to explain that “malicious emails used in these attacks mention companies that provide digital payment services. The hackers attached malicious files disguised as blockchain software development contracts from these payment companies and induced the targets into opening them.”
ESTsecurity’s report explained that these attacks use “spear phishing,” where a scammer baits victims using information specific to their interests after obtaining detailed information on them.
Recently, Lazarus has been strongly committed to cryptocurrency heist campaigns focused on digital currencies that are hard to track and on cryptocurrency exchanges, which are more vulnerable to hacks than conventional financial institutions like banks.
From 2017 to 2018, Lazarus was among three North Korean hacking groups that managed to steal USD 571 million in cryptocurrency from five exchanges in Asia, according to the “National Strategy for Combating Terrorist and Other Illicit Financing 2020” report released by the US Treasury Department in February.
Analysts say that stealing cryptocurrency could bring enormous profits to a country now completely isolated from the rest of the world following the closure of the Sino-North Korean border in late January due to the COVID-19 pandemic.
Security experts are emphasizing that joint countermeasures must be taken against North Korean cyber attacks, which are associated with other North Korean espionage groups such as Kimsuky, Koni, and Gumsong 121.
“Along with Kimsuky, Koni and Gumsong 121, Lazarus has been engaging in a variety of APT attacks against South Korea and others,” said Mun Chong Hyun, the head of the ESTsecurity Security Response Center (ESRC). “It is important that we systematically investigate these organizations and take countermeasures against them.”
*Translated by Seongjin Park