Lazarus, a hacker group reportedly funded by North Korea, has stolen a staggering $571 Mln in digital currencies since early 2017, according to a study conducted by the cyber crime company Group-IB. Key takeaways from the study were published recently, along with a detailed annual report entitled “Hi-Tech Crime Trends.”
The report, dedicated to hacks in 2017 and 2018, identifies the allegedly state-sponsored hacker group Lazarus as responsible for $571 Mln of the $882 Mln total in crypto that was stolen from online exchanges during the studied period, nearly 65% of the whole sum.
Of the 14 separate exchange breaches, 5 are attributed to the group, among them the record-breaking $532 Mln NEM hack of Japan’s Coincheck earlier this year, in January.
The report states that hackers target cryptocurrency exchanges principally using ‘traditional’ methods, including spear phishing, social engineering, and malware:
“After the native network is successfully compromised through downloaded malware, the hackers browse the native network to seek out workstations and servers used for operating with private digital wallets.”
The report, which additionally includes a cyber crime forecast, predicts that the number of attacks on exchanges will increase in the near future, as an alternative to traditional targets such as banks.
Group-IB also indicates that ICO platforms are primary targets for hackers, revealing that 10% of total funds raised from token sales in 2017–2018 were compromised. A majority of illicit activity targeting ICOs was reportedly conducted through phishing, with Group-IB estimating that large phishing groups have the capability to steal around $1 Mln a month.
Additionally, Group-IB suggests that mining pools might prove an easy target for 51% attacks by state-sponsored hackers. Attempts at such attacks, albeit with limited success, are said to already be on the increase.
U.S. specialists have previously alleged that North Korea is “increasingly” turning to crypto as a way to bypass sanctions, claiming that the country’s government is hiring people to “launder” cryptocurrencies via multiple wallets and exchanges, as well as so-called mixing services, with the aim of obtaining sanction-free U.S. dollars.