North Korean Hacker Crew Lazarus Steals $571M in Cryptocurrency across 5 Attacks

The North Korean hacking group, named Lazarus, is now the most profitable cryptocurrency hacker syndicate globally, stealing $571 million worth of cryptocurrency since 2017.

Cybersecurity company Group-IB has released a summary of its annual report on trends in hi-tech cybercrime. Group-IB is one of the global leaders in providing high-fidelity threat intelligence and anti-fraud solutions and has been active in computer forensics and information security since 2003.

The summary of “Successful Attacks on Crypto Exchanges 2017-2018”

The summary produced by Group-IB shows North Korean hacking group Lazarus to be the clear leader, having stolen $571 million in total. The next biggest haul was taken by an unknown criminal group that netted $60 million.

After analyzing the report, Group-IB has said it expects the number of attacks on cryptocurrency exchanges to increase. Lazarus is currently the most prolific group, but other hacking groups, many of which have traditionally targeted banks, will likely take note of Lazarus’ haul and switch targets, seeing how lucrative it can be.

How the cryptocurrency exchanges are targeted

Attacks on cryptocurrency exchanges mainly rely on traditional methods. Commonly used methods include spear phishing, social engineering and malware. The summary states:

Spear phishing remains the major vector of attack on corporate networks. For instance, fraudsters deliver malware under the cover of CV spam [with an attachment] that has a malware embedded in the document… After the local network is successfully compromised, the hackers browse the local network to find work stations and servers used working with private cryptocurrency wallets.

10% of total funds raised by ICO platforms stolen

The report discloses that 10% of the total funds raised by ICO platforms over the last 18 months has been stolen. It asserts that the majority of these funds were stolen through phishing scams.

Another major issue in the cryptocurrency industry is what’s known as “crypto-fever”. Essentially, crypto-fever is the recent hype around cryptocurrencies that encourages people to jump on the cryptocurrency bandwagon without doing their homework. This means some novice investors are caught out by fake websites and targeted scams. The report states that large, competent phishing groups are able to steal roughly $1 million a month.

Some of these fake websites can look very authentic, and most novice investors and some seasoned ones would be unable to distinguish them from a legitimate site. Some include whitepapers and cryptocurrency project descriptions and so appear legitimate, leading investors to put their funds into them.