Lazarus Group, a notorious hacking organization linked to North Korea, has been making headlines recently for their involvement in laundering cryptocurrencies and attacking developers with malware. In the last five days alone, the group transferred 400 ETH (equivalent to $750,000) to Tornado Cash and laundered a whopping $2.91 billion through THORChain.
The activities of Lazarus Group came to light when blockchain security company CertiK detected the deposit of 400 ETH into Tornado Cash on March 13. This transfer was traced back to Lazarus Group’s activities on the Bitcoin network, adding to their long list of crypto-related breaches, including the $1.4 billion Bybit attack in February.
In addition to their money laundering schemes, Lazarus Group has been targeting developers in the npm ecosystem with malicious packages like “BeaverTail.” These packages are designed to infect developer systems, steal credentials, access crypto data, and install backdoors. By embedding malware in fake files disguised as legitimate ones, the hackers were able to deceive unsuspecting developers and gain access to sensitive information.
Following these attacks, Lazarus Group attempted to conceal their stolen assets by using THORChain, a decentralized exchange that operates without identity verification. This tactic made it extremely challenging to track and recover the stolen funds, resulting in a significant amount of money passing through THORChain within a short period.
Lazarus Group has also been running fraudulent schemes that target crypto founders, posing as potential investors during fake Zoom calls. By sending false meeting links and claiming technical difficulties, the hackers trick victims into downloading supposed fixes that actually infect their devices with malware. The majority of these attacks target crypto wallets, particularly those associated with Solana and Exodus.
Security experts have warned of the increasing sophistication of Lazarus Group’s tactics, reporting that the group has stolen over $1.3 billion in crypto through 47 attacks in 2024, more than double the amount stolen in the previous year. This alarming trend highlights the need for increased vigilance and security measures within the cryptocurrency community to protect against such malicious activities.
As the crypto landscape continues to evolve, it is crucial for stakeholders to remain informed and proactive in safeguarding their digital assets from threats posed by groups like Lazarus Group. Stay tuned for more updates on this developing story.