According to cybersecurity firm Arkham, Lazarus Group, a North Korean state-sponsored cyber threat group, has managed to scoop a staggering $1.7 billion in cryptocurrency-related hacks during the last year alone.
On September 15, Arkham took to X to reveal that Lazarus Group is responsible for looting millions of dollars' worth of crypto in 2022, along with a series of recent high-profile hacks amounting to more than $95 million in losses in just the past 10 days.
In the past 10 days, the Lazarus Group has been linked to 2 separate hacks totalling >$95M in damage.
They’re a North Korean state-sponsored hacking organization, estimated to be responsible for $1.7 Billion of hacks during last year alone.
— Arkham (@ArkhamIntel) September 14, 2023
Lazarus Group Continues to Wreak Havoc
This comes shortly after several reports suggested that the hacking syndicate was likely behind the recent CoinEx hack on Tuesday, which drained a whopping $54 million, including 231 Bitcoin (BTC), 6,559 Ethereum (ETH), 137.128 million Tron (TRX) and several million in assorted ERC20 tokens and stablecoins.
Recently, the FBI identified Lazarus Group as the main culprit behind the $41 million theft from Stake.com, an online betting and casino platform. The state-sponsored hacking group is believed to have siphoned over $255 million in cryptocurrencies so far in 2023, with one of the largest attacks, on Atomic Wallet, leading to a loss of approximately $100 million worth of crypto assets.
In July, the Lazarus Group hit Alphapo, a centralized crypto payment provider for online platforms, stealing over $60 million. At the same time, the hacker group was also blamed for the loss of at least $37 million from Estonian crypto-payments service provider CoinsPaid.
The frequency and scale of these recent attacks have put exchanges and crypto businesses on high alert. On September 12, blockchain security firm SlowMist revealed an alarming trend, suggesting the infamous North Korean cyber threat outfit is actively targeting the cryptocurrency industry through an advanced persistent threat (APT) attack.
APT is a broad term used to describe an attack campaign in which an intruder, or team of intruders, establishes an illicit, long-term presence on a network in order to mine highly sensitive data. These kinds of attacks are believed to be government-funded and used as cyber warfare weapons.
🚨SlowMist Security Alert🚨
Recently, we and our partners discovered a large-scale APT attack directed by the North Korean #LazarusGroup against the cryptocurrency industry.
The attack method is as follows:👇
The attacker first disguises his identity, deceives the auditor…
— SlowMist (@SlowMist_Team) September 12, 2023
Is Kim Jong Un in Love with Crypto?
Over the recent past, North Korea has been actively using stolen crypto assets to fund its illicit weapons program. Recently, South Korea introduced a new cyber bill to stop North Korea’s crypto heists.
In a February report, blockchain analytics company Chainalysis stated that most experts agree the North Korean government is using these stolen assets to fund its nuclear weapons programs.
In a statement to CNBC, Nick Carlsen, intelligence analyst at blockchain analytics firm TRM Labs, said that in recent years there has been a marked rise in the size and scale of cyber attacks against cryptocurrency-related businesses by North Korea that has coincided with an apparent acceleration in the country’s nuclear and ballistic missile programs. He added,
“North Korea is under pretty serious economic stress with international sanctions. They need every dollar they can. And this is just obviously a much more efficient way for North Korea to make money.”