While investors across the crypto space are holding back from investing in digital coins because of the current bearish trend, "crypto winter" is not in the vocabulary of hackers, especially Lazarus. For the North Korea-based hacking group Lazarus, the focus is still on crypto exchanges, per reports from cybersecurity firms.
According to cybersecurity firm Kaspersky Lab and threat intelligence and anti-fraud solutions firm Group IB, Lazarus is responsible for hacking incidents in the crypto sector. Their hacking activities have dotted the crypto map from one end to the other, making them responsible for the loss of a cumulative $882. Lazarus began their hacking spree in November 2018 and has not been held back by current market trends. According to these firms, Windows and Mac users are still susceptible to the attacks. Moreover, a report from the UN Security Council shows it is hard to point a finger at the North Korean group, since it hides behind the pseudonymous features that come with blockchain technology. Furthermore, rumor has it that the North Korean government finances the group.
Nature of the Attacks
To launch their attacks, Lazarus uses C2 servers that host the group's custom PowerShell scripts. The scripts are in place to facilitate communication with the malicious command and control (C2) servers, which then run commands from the operator to initiate the actual hacking process. After gaining control of the target's server, the malware goes on to collect information for the hacker. Beyond that, the malware is sophisticated enough to upload and download files and to initiate system shell commands. The group uses rented servers to house the command and control scripts. Per Kaspersky Lab's findings, Lazarus seems to have taken a liking to its neighbor South Korea and has focused its attacks there.
Apart from these two firms voicing their views on the activities of Lazarus, the United Nations Security Council believes North Korea is taking advantage of the nature of crypto and is stealing money through Lazarus to evade sanctions. Per its experts' report, North Korea's Lazarus group is behind the theft of funds worth $0.5 billion from reputable exchanges. Besides that, North Korea can evade the law since the crypto sector lacks proper regulations. Moreover, the anonymous nature of digital coins makes it harder to trace the funds.