North Korean Hacking Group Lazarus Stole $571 Million in Cryptos: Report

North Korea's infamous hacking group, dubbed Lazarus, has managed to steal over half a billion dollars in cryptocurrencies, a report indicates.

AccessTimeIconOct 19, 2018 at 1:00 p.m. UTC
Updated Aug 18, 2021 at 10:05 p.m. UTC

Presented By Icon

Election 2024 coverage presented by

Stand with crypto

North Korea's infamous hacking group, dubbed Lazarus, has managed to steal over half a billion dollars in cryptocurrencies, a report indicates.

According to an article published Friday by The Next Web, the coming annual report from cybersecurity vendor Group-IB sets out that Lazarus was behind 14 hacks on crypto exchanges since January 2017, reaping a massive $571 million from the attacks.

  • Bitcoin Mining in the U.S. Will Become 'a Lot More Decentralized': Core Scientific CEO
    13:18
    Bitcoin Mining in the U.S. Will Become 'a Lot More Decentralized': Core Scientific CEO
  • Binance to Discontinue Its Nigerian Naira Services After Government Scrutiny
    05:10
    Binance to Discontinue Its Nigerian Naira Services After Government Scrutiny
  • The first video of the year 2024
    04:07
    The first video of the year 2024
  • The last regression video of the year 3.67.0
    40:07
    The last regression video of the year 3.67.0
  • The news backs up claims from officials in South Korea, who said in February that North Korean hackers likely stole tens of millions of dollars' worth in cryptocurrencies in 2017.

    As reported by CoinDesk, the country's National Intelligence Service  said that phishing scams and other criminal methods methods had yielded tens of billions of won in customer funds. Authorities were also probing whether the same hackers were behind the January hack of the Coincheck exchange, which saw over $500 million in cryptocurrency taken – though Lazarus wasn't specifically mentioned.

    More generally, Group-IB also indicates that $882 million in cryptocurrency was stolen from exchanges in total from 2017 to 2018, according to a summary of the report obtained by the tech news source.

    The security provider said the number of attacks targeting crypto exchanges is likely to rise further, with hackers of more traditional financial institutions such as banks being drawn to the space seeking big gains.

    The summary also looks at the methods used by hackers in order to carry out their attacks, saying spear phishing, social engineering and malware are the most widespread tools of the illicit trade.

    TNW cited the report as saying that spear phishing – targeting individuals or organizations with malware delivered via an email attachment – is the "major vector of attack" on enterprise networks. It adds:

    "After the local network is successfully compromised, the hackers browse the local network to find work stations and servers used working with private cryptocurrency wallets."

    Furthermore, says Group-IB, hackers have made off with 10 percent of the funds raised by ICO platforms since early 2017, with phishing the most common means of attack.

    The firm reportedly suggests that over-keen investors have been rushing to participate in token sales without paying sufficient attention to their security, often falling foul of tricks such as fake websites. For example, one such fake targeted would-be investors in the major ICO launched by Telegram, as reported in March.

    Group-IB further warns that mining pools could prove a tempting target for hackers, saying bad actors could employ 51 percent attacks to take over networks, as has happened at a number of crypto projects this year.

    Hacking image via Shutterstock

    Disclosure

    Please note that our privacy policy, terms of use, cookies, and do not sell my personal information have been updated.

    CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. CoinDesk has adopted a set of principles aimed at ensuring the integrity, editorial independence and freedom from bias of its publications. CoinDesk is part of the Bullish group, which owns and invests in digital asset businesses and digital assets. CoinDesk employees, including journalists, may receive Bullish group equity-based compensation. Bullish was incubated by technology investor Block.one.


    Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.