North Korea-Sponsored Lazarus Responsible For 65% Of Hacked Cryptocurrency

Lazarus, reportedly a North Korea state-sponsored group, has stolen $571 million in digital assets in the last 18 months, an annual report on cyber tech trends published on Tuesday, October 16 showed.

0

A 2018 cyber threat report on the crypto industry has shown that the hacker group called Lazarus accounts for the most attacks on cryptocurrencies and exchanges since early 2017.

Lazarus, reportedly a North Korea state-sponsored group, has stolen $571 million in digital assets in the last 18 months, an annual report on cyber tech trends published on Tuesday, October 16 showed.

North Korea-Sponsored Lazarus Responsible For 65% Of Hacked Cryptocurrency
Source: Group IB

According to Group-IB, many cybercriminals have shifted their focus onto cryptocurrency as a “quicker” way to make money over the last two years.

In their recent report titled “Hi-Tech Crime Trends” as well as in a “Key takeaways” summary from the study, Group-IB identified four hacker groups to be the ones that pose the greatest threat to financial institutions and crypto industry.

The company, which specializes in cyber attack prevention, singled out Cobalt, Silence, MoneyTaker, and Lazarus.

State-sponsored hacks

The Group-IB report singles out Lazarus hacker group, allegedly sponsored by North Korea, as the one responsible for stealing $571 million in crypto assets in the last one year.

Ostensibly, the crypto industry attacks led to a total loss of $882 million during the research period, meaning that Lazarus’ attacks resulted in thefts of about 65 percent of the amount of crypto stolen.

The report states that there were fourteen different breaches at exchanges, and attributes five of these attacks to the alleged state-sponsored group.

Among the notable attacks carried out by Lazarus is the record-breaking CoinCheck hack where $532 million worth of NEM coins were stolen in January 2018.

Lazarus is also listed as the criminal group that attacked South Korea-based crypto exchange Bithumb in June, making off with $32 million worth of crypto.

Crypto exchange attacks “traditional,” more predicted

According to the study, most hackers who target cryptocurrency exchanges use “traditional” methods that include malware, phishing, and social engineering.

The report explains that most attacks happen when the hackers succeed in compromising a network via malware. They then browse workstations and servers, looking for vulnerable crypto wallets with exposed private keys.

Group-IB’s cybercrime forecast also predicts that attacks on exchanges are likely to increase in the future as attackers find crypto an attractive alternative to banks, hitherto the most targeted institutions.

ICOs

Apart from exchanges, the report also suggests that platforms undertaking Initial Coin Offerings (ICOs) have become the prime targets. According to their estimates, about 10 percent of token sale funds in the last two years have been stolen through cyber attacks.

Mining pools

Group-IB also suggests that some of the top mining pools are likely to be targeted with 51% attacks from state-sponsored hacker groups. Although attacking such miners has limited chances of success, the study points out that these attempts are increasing every other day.

According to the report, the top three countries that sponsor the highest number of hacker groups are China, North Korea, and Iran.

Leave A Reply

Your email address will not be published.