North Korea’s Lazarus Group Attacking Crypto Firms, Warns US Government

Table of Contents

• Govt. Agencies Issue Warning
• Trojan Apps Targeting Crypto Employees
• Lazarus Wreaking Havoc In Crypto

The US government warns all crypto companies to beware of North Korean hackers i.e., the Lazarus group, and its plans of launching exploits through trojanized applications. 

Govt. Agencies Issue Warning

The infamous hacker group from North Korea, i.e., the Lazarus group, is still striking fear in the hearts of the crypto industry. The group had previously launched severe exploits on multiple crypto firms worldwide, siphoning away billions of dollars in crypto assets. The latest information from the U.S. government is that the group is now weaponizing trojan apps to target crypto firms and break through their defenses. 

The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and the US Treasury have released a joint statement advising all crypto and blockchain firms to watch out for these malicious threat actors. The statement also revealed that the Lazarus group had been observed targeting crypto exchanges, crypto trading companies, VC funds that invest in cryptocurrency, and even individuals who hold large amounts of digital assets, including tokens, NFTs, etc. 

Trojan Apps Targeting Crypto Employees

The statement reported that the malicious apps being employed by Lazarus are spewing malware across the targeted network and exploiting security gaps to steal private keys. These apps gain the confidence of individuals and groups in the community by offering in-demand services like portfolio building and real-time crypto price predictions. Following this, the hackers are swooping in with fraudulent blockchain transactions. The agencies also named some malicious apps, like Dafom, CryptAIS, AlticGO, Esilet, and CreAI deck.

Crypto company employees are being taken in by these apps through a malicious campaign called ‘spearphishing.’ Employees are sent high-paying job offers, enticing them to download these trojan apps. The US government refers to these malicious operations as the ‘Trader Traitor.’

Lazarus Wreaking Havoc In Crypto

Blockchain analysis firm Chainalysis had reported that in 2021, this North Korean group of hackers had siphoned away around $400 million worth of assets from at least seven different crypto exchanges. However, the group has already broken its record of the previous year by targeting Axie Infinity’s Ronin sidechain. The massive exploit saw a loss of 173,600 ETH and 25.5M USDC, valued at around $625 million. Soon after, it was discovered that the dreaded Lazarus group had had a hand in that. 

The group has also targeted prominent individuals in the industry, like DeFiance founder Arthur Cheong, who lost around $1.6 million worth of NFTs, wrapped Eths, and other tokens in a hack that targeted his hot wallets. 

Disclaimer: This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.