North Korea-Backed Hacker Group Evolving Tactics to Attack Crypto Exchanges

Wednesday, 27/03/2019 | 09:00 GMT by Arnab Shome
  • The group was behind the attack on Coincheck.
North Korea-Backed Hacker Group Evolving Tactics to Attack Crypto Exchanges
FM

The infamous hacker group Lazarus APT is continuously targeting cryptocurrency exchanges, according to a warning by Kaspersky Lab.

In a blog post published on March 26, the Russian computer security company outlined that the motives behind the attacks are mainly financial. Moreover, the North Korea-backed hacking group is also evolving its attacking tricks and tactics to outsmart the exchanges’ security firewall.

“Financial gain remains one of the main goals for Lazarus, with its tactics, techniques, and procedures constantly evolving to avoid detection,” the post noted.

The security company detailed that Lazarus is attacking both Windows and Mac platforms using its sophisticated malware.

“In the middle of 2018, we published our Operation Applejeus research, which highlighted Lazarus’s focus on cryptocurrency exchanges utilizing a fake company with a backdoored product aimed at cryptocurrency businesses,” Kaspersky stated. “One of the key findings was the group’s new ability to target macOS. Since then Lazarus has been busy expanding its operations for the platform.”

Crypto Businesses Beware

The Kaspersky Labs also advised cryptocurrency businesses to take extra caution with security measures in the presence of these notorious groups laying traps to steal public money.

“If you’re part of the booming cryptocurrency or technological Startup industry, exercise extra caution when dealing with new third parties or installing software on your systems [...] And never ‘Enable Content’ (macro scripting) in Microsoft Office documents received from new or untrusted sources,” the cybersecurity firm advised.

Lazarus APT is one of the most notorious hacking groups targeting crypto exchanges. Reportedly, the group is behind five digital Exchange breaches out of a total number of 14. The most infamous attack purportedly associated with this group was the $536 million worth crypto theft from Japanese crypto exchange Coincheck, which reshaped the entire crypto market in the country.

Attacks in 2019

Despite the rising technological and business standards, crypto exchanges are not immune to cyber attacks. In less than three months in 2019, two exchanges were attacked - Cryptopia and DragonEx - and millions in funds were compromised. The most recent one is the theft of an undisclosed amount from Singapore-based crypto exchange DragonEx about which Finance Magnates reported yesterday.

The infamous hacker group Lazarus APT is continuously targeting cryptocurrency exchanges, according to a warning by Kaspersky Lab.

In a blog post published on March 26, the Russian computer security company outlined that the motives behind the attacks are mainly financial. Moreover, the North Korea-backed hacking group is also evolving its attacking tricks and tactics to outsmart the exchanges’ security firewall.

“Financial gain remains one of the main goals for Lazarus, with its tactics, techniques, and procedures constantly evolving to avoid detection,” the post noted.

The security company detailed that Lazarus is attacking both Windows and Mac platforms using its sophisticated malware.

“In the middle of 2018, we published our Operation Applejeus research, which highlighted Lazarus’s focus on cryptocurrency exchanges utilizing a fake company with a backdoored product aimed at cryptocurrency businesses,” Kaspersky stated. “One of the key findings was the group’s new ability to target macOS. Since then Lazarus has been busy expanding its operations for the platform.”

Crypto Businesses Beware

The Kaspersky Labs also advised cryptocurrency businesses to take extra caution with security measures in the presence of these notorious groups laying traps to steal public money.

“If you’re part of the booming cryptocurrency or technological Startup industry, exercise extra caution when dealing with new third parties or installing software on your systems [...] And never ‘Enable Content’ (macro scripting) in Microsoft Office documents received from new or untrusted sources,” the cybersecurity firm advised.

Lazarus APT is one of the most notorious hacking groups targeting crypto exchanges. Reportedly, the group is behind five digital Exchange breaches out of a total number of 14. The most infamous attack purportedly associated with this group was the $536 million worth crypto theft from Japanese crypto exchange Coincheck, which reshaped the entire crypto market in the country.

Attacks in 2019

Despite the rising technological and business standards, crypto exchanges are not immune to cyber attacks. In less than three months in 2019, two exchanges were attacked - Cryptopia and DragonEx - and millions in funds were compromised. The most recent one is the theft of an undisclosed amount from Singapore-based crypto exchange DragonEx about which Finance Magnates reported yesterday.

About the Author: Arnab Shome
Arnab Shome
  • 6613 Articles
  • 97 Followers
Arnab is an electronics engineer-turned-financial editor. He entered the industry covering the cryptocurrency market for Finance Magnates and later expanded his reach to forex as well. He is passionate about the changing regulatory landscape on financial markets and keenly follows the disruptions in the industry with new-age technologies.

More from the Author

CryptoCurrency