North Korean Hackers Steal Around $882 Million in Crypto
October 22, 2018
According to the report by the company Group-IB, the North Korean hacker group Lazarus has made 14 attacks at crypto exchanges since the beginning of 2017 and stole about $571 million in digital currency. As the company representatives say, total amount of hijacked funds over the mentioned period made over $882 million.
Earlier this year the North Korea’s National Intelligence Service (NIS) has conducted an investigation seeking for criminals who stole tens of millions of dollars in cryptocurrency by trapping internet users to phishing websites. At that moment the authorities believed it was Lazarus behind it that also hacked local crypto exchange Coincheck in January this year. Now the suggestions have proved true.
The Group-IB experts state that the number of attacks by Lazarus on crypto exchanges is most likely to rise manifold and hackers who focus on banking sites may also get in on the act.
The document provides a list of methods the group makes use of while attacking. According to The Next Web, malware mailout is the most preferable way:
“After the local network is successfully compromised, the hackers browse the local network to find work stations and servers used working with private cryptocurrency wallets.”
The Group-IB’s report says that since the turn of 2017 the method has brought about 10% of the total gain stolen in financing various ICOs. The company stresses that the figure is direct consequence of negligent investors who want to participate in token sale and therefore visit fake websites offhand. Phishing sites of ICO Telegram that got popular this March may be regarded as the most notable case of that kind.
In addition, the Group-IB added that interest Lazarus has in mining pools is just as high, as the group makes 51%-attacks on them to seize networks of various cryptocurrencies.