North Korea’s Lazarus Group Attacks Japanese Crypto Firms

North Korea’s state-backed cybercriminal group Lazarus has attacked Japanese crypto firms, according to a joint statement of Japan’s national police and finance agencies.

The attacks were carried out using phishing and social engineering techniques, according to a report from Japan News.

Lazarus hackers allegedly reached out to target companies by posing as executives of crypto companies in emails and on social media. After making contact, the attackers infected the target companies’ internal systems with malware before making off with crypto.

Authorities named the suspected group in an advisory statement before making arrests – a move that has only been taken five times in Japan’s history.

The joint statement also provided some general security tips, advising potential targets to store their private keys offline and be careful when opening emails or hyperlinks. The NPA confirmed that several of the attacks had been successful, but did not reveal details or the amount stolen.

Lazarus moves into crypto

Lazarus is responsible for several major hacks outside of the blockchain industry, including the WannaCry ransomware attack in 2017, the Sony Pictures attack in 2014 and a series of cyber-raids on pharmaceutical companies in 2020, including COVID-19 vaccine developer AstraZeneca.

This year, Lazarus also started going after nine-figure sums in crypto.

In April, the group was linked to the historic $622 million attack on Sky Mavis’s Ethereum side chain Ronin last month.

Then in June, Lazarus was the prime suspect in a $100 million raid on Harmony Protocol.

The June hack targeted Harmony’s Horizon bridge, a cross-chain bridge that connects Harmony to Ethereum, Binance Chain and Bitcoin. Analysis by Elliptic at the time noted that similarities between the two cross-chain bridge attacks were a strong indication of Lazarus’ likely involvement.

Lazarus has also targeted crypto exchanges this year through fake job postings with links and PDFs containing malware.

In August, internet security researchers at ESET Labs flagged up a fake Coinbase job listing that was actually a Trojan horse deployed by the group. Last month, Lazarus repeated the attack with fake Crypto.com job ads.

Lazarus Group’s documented use of crypto transaction privacy tool Tornado Cash was one of the reasons for the US Treasury Department to ban it.