A report indicates that North Korea’s hacking outfit dubbed ‘Lazarus’ has made off with $571 million in cryptocurrencies across five attacks.
Since 2010, more than $1.3 billion in cryptocurrencies has been lost to attackers, with 2017 and 2018 alone accounting for $882 million of that loss. Since the inception of cryptocurrencies, hacking teams have been on the rise, each trying to exploit the security vulnerabilities of cryptocurrency firms. Above them all, however, stands one infamous North Korean cryptocurrency-hacking syndicate whose prowess in cryptocurrency theft remains unmatched.
Hard Fork summary on crypto exchange attacks
According to the report, 61% of the $882 million lost over the two consecutive years in 14 different hacks on cryptocurrency exchanges was taken by Lazarus. A summary from Hard Fork indicates that there have been 14 successful attacks on cryptocurrencies since the beginning of 2017. It is calculated that of the $882 million stolen, Lazarus made off with $571 million, over half a billion dollars in cryptocurrencies. This report adds detail to prior reports by South Korean officials, who placed the group at the center of the multi-million dollar theft of cryptocurrencies back in 2017.
The country’s National Intelligence Service had also pointed out that phishing, the main traditional technique used to hack cryptocurrency exchanges among other criminal activities, had yielded billions of won in customer funds. It was also strongly believed that Lazarus could have been involved, either directly or indirectly, in the large cryptocurrency hack back in January that stripped the Japan-based cryptocurrency exchange Coincheck of $500 million worth of cryptocurrencies. However, there has not been any substantial lead to back the claims.
The report also analyzed the various techniques hackers use when carrying out an attack. It established that most crypto exchange hackers employ traditional tools and methods, which include malware, spear phishing and social engineering. However, spear phishing remains the most damaging of them all.
“Spear phishing remains the major vector of attack on corporate networks. For instance, fraudsters deliver malware under the cover of CV spam [with an attachment] that has a malware embedded in the document,” the report explained. It added that once the malware has successfully compromised the local network, the hackers access and browse through it to identify the servers and workstations in use before they launch their attack.
Group-IB has further warned that attacks on crypto exchanges are expected to rise, with traditional bank hackers presumably expected to shift their focus.