Lazarus Group: A Spooky Ghost for Developers

31 Dec 2023

Based on data released by Elliptic in 2023, the Lazarus Group, which is said to be made up of North Korean hackers, has managed to steal 240 million US dollars. In their latest hacking activity, according to Elliptic's data, they stole funds from CoinsPaid, Stake.com, and CoinEx.

Lazarus Group has become the most feared hacker group in the world. They have successfully hacked Sony, Alphapo, Atomic Wallet, Horizon Bridge, and Axie Infinity. In total, these hackers have stolen 1 billion US dollars from various institutions and people around the world.

Who Are They?


Lazarus Group is a hacker group that is allegedly sponsored by North Korea. If you think Lazarus Group only hacks the crypto industry, you are wrong: it has also hacked the SWIFT system. Lazarus Group also has many aliases, including Guardians of Peace, Whois Team, Hidden Cobra, Zinc, and many more.

Its first appearance was marked by Operation Troy, which ran from 2009 to 2012. This was a cyber attack using DDoS attacks that targeted South Korean and American government websites. In March 2013 they started a new operation named Operation Dark Seoul. This attack targeted media companies such as KBS, MBC, and YTN, as well as financial institutions such as Shinhan Bank, Jeju Bank, and Woori Bank. It infected 32,000 computers in the media and financial industries.

In 2014, Lazarus Group, through Operation Blockbuster, attacked Sony Entertainment. The reason was that Sony released a movie parodying Kim Jong-un. Lazarus Group demanded that the film be removed from theaters and stole the personal data of 4,000 Sony employees. They also stole data on upcoming movies, along with movie files that were in the process of being released. In addition, they installed malware designed to delete all important data from Sony Entertainment. As a result, theaters did not dare to show the Kim Jong-un parody film, and Sony Entertainment is estimated to have borne losses of up to 100 million US dollars.

In 2016, Lazarus Group hacked the Federal Reserve Bank of New York and made 35 transfer requests totaling 1 billion USD from an account belonging to the Central Bank of Bangladesh. Unfortunately, 5 of the 35 transfer requests went through, with a total of 101 million USD stolen. Lazarus Group also tried to steal 1 million US dollars from Tien Phong Bank in Vietnam and from Banco del Austro in Ecuador, which lost 12 million USD. These attacks on financial institutions also used the same software: in 2016, Lazarus Group used Trojan software to exploit weaknesses in the SWIFT system.

Lazarus Group is not just a hacker group. It is a military-scale organization that steals money from victims all over the world. The goal is to fund North Korea's lighthouse projects, from ballistic missiles to nukes. In 2017, they launched a ransomware called WannaCry. It was a virus that could infect a computer just by plugging in a TCP 456 cable without the need to click. This malware infected 200 thousand computers in 150 countries, including Russia, Ukraine, America, Taiwan, and China, but not North Korea. Their other recorded activities include cyber criminal activity against AstraZeneca and stealing various Twitter, GitHub, and LinkedIn accounts, which are used as social engineering proxy accounts.

Crypto Is the New Target


Crypto is a technology that allows the internet to be monetized. But it can also be a new field for Lazarus Group. Their first activity in crypto was recorded in 2017 with a simple tactic, namely phishing retail users and crypto institutions. In February 2017, South Korean exchanges Bithumb and Youbit were hacked for 7 million USD. Unfortunately, Youbit did not survive this hack and filed for bankruptcy in December.

In April 2017, NiceHash, a Bitcoin cloud mining platform, was also hacked and 4,500 Bitcoin was taken by Lazarus Group. In 2022, Lazarus Group stole 600 million US dollars from the Ronin protocol, the blockchain protocol used by Axie Infinity, through social engineering: a fake job offer on LinkedIn that was taken up by a former Sky Mavis employee. Lazarus Group sent a PDF file containing spyware, and from there managed to gain access to the Ronin node validator. In June 2022, they stole 100 million US dollars from the Harmony Horizon Bridge after finding weaknesses in its cloud. Vitalik himself had already hinted in January that the bridge's security was weak.

In 2023, Lazarus Group managed to steal from various crypto institutions. For example, on June 3, they stole 100 million US dollars from 5,500 users of Atomic Wallet. On July 22, they stole 27 million USD from CoinsPaid and 60 million USD from Alphapo. On September 4, they stole $41 million from Stake.com. And finally, on September 12, based on Elliptic data, they are estimated to have stolen around 70 million US dollars from CoinEx.

There are still many more attacks launched by the Lazarus Group; I just can't write about them all. You can find information about Lazarus through other channels.

Best Regards. Pangrango
