The infamous hacker group Lazarus APT is continuously targeting cryptocurrency exchanges, according to a warning by Kaspersky Lab.
In a blog post published on March 26, the Russian computer security company outlined that the motives behind the attacks are mainly financial. Moreover, the North Korea-backed hacking group is also evolving its attacking tricks and tactics to outsmart the exchanges’ security firewall.
“Financial gain remains one of the main goals for Lazarus, with its tactics, techniques, and procedures constantly evolving to avoid detection,” the post noted.
The security company detailed that Lazarus is attacking both Windows and Mac platforms using its sophisticated malware.
“In the middle of 2018, we published our Operation Applejeus research, which highlighted Lazarus’s focus on cryptocurrency exchanges utilizing a fake company with a backdoored product aimed at cryptocurrency businesses,” Kaspersky stated. “One of the key findings was the group’s new ability to target macOS. Since then Lazarus has been busy expanding its operations for the platform.”
Crypto Businesses Beware
The Kaspersky Labs also advised cryptocurrency businesses to take extra caution with security measures in the presence of these notorious groups laying traps to steal public money.
“If you’re part of the booming cryptocurrency or technological Startup industry, exercise extra caution when dealing with new third parties or installing software on your systems [...] And never ‘Enable Content’ (macro scripting) in Microsoft Office documents received from new or untrusted sources,” the cybersecurity firm advised.
Lazarus APT is one of the most notorious hacking groups targeting crypto exchanges. Reportedly, the group is behind five digital Exchange breaches out of a total number of 14. The most infamous attack purportedly associated with this group was the $536 million worth crypto theft from Japanese crypto exchange Coincheck, which reshaped the entire crypto market in the country.
Attacks in 2019
Despite the rising technological and business standards, crypto exchanges are not immune to cyber attacks. In less than three months in 2019, two exchanges were attacked - Cryptopia and DragonEx - and millions in funds were compromised. The most recent one is the theft of an undisclosed amount from Singapore-based crypto exchange DragonEx about which Finance Magnates reported yesterday.