Cryptocurrency News:It was revealed that the world-famous North Korean hacker group Lazarus was behind some of the biggest cryptocurrency attacks of recent years.
Who are they targeting?
The cases, first reported in 2020, were named “CryptoCore” by the cyber security firm ClearSky Cyber Security. However, no identity had been revealed since then.
A new report released yesterday by the firm suggests that Lazarus is the group behind CryptoCore and is targeting cryptocurrency exchanges in Israel, the US, Europe and Japan.
The report found some similarities between the tactics used in the CryptoCore attack and other attacks linked to Lazarus.
We have published our new report: “Attributing CryptoCore Attacks Against Crypto Exchanges to LAZARUS (North Korea)”.
Our research shows a MEDIUM-HIGH likelihood that Lazarus group attacks crypto exchanges all over the world at least three years.https://t.co/QOCzgrt8Bc pic.twitter.com/kASqdet8OE
— ClearSky Cyber Security (@ClearskySec) May 24, 2021
Hackers initially launched phishing attacks targeting employees of crypto exchanges who installed malware and gained access to crypto wallets.
ClearSky estimates that $200 million has been stolen since May 2018 last year, and $70 million was obtained from robberies on crypto exchanges.
The latest reports confirm this amount.
Who is Lazarus?
Lazarus is a state-backed North Korean hacking group. They are thought to have been active since 2009. The group is known for its involvement in various cyberattacks, including the attack on Sony Pictures in 2014.
Reports show that Lazarus carried out financially motivated attacks to circumvent the economic sanctions imposed on North Korea.
According to the 2020 Chainalysis CryptoCrime report, Lazarus has stolen over $ 1.75 billion of cryptocurrencies since 2017.