In 2023, losses caused by crypto hacking incidents amounted to over $300 million, with the Lazarus Group being identified as the hacker organization responsible. This group, believed to have connections to North Korea, accounted for approximately 17.6% of the total losses recorded during that year.
As per a report from Fortune Magazine, although there has been a decrease in major crypto hacking incidents worldwide, North Korea has managed to retain its significant role as a key player in the realm of cybercrime.
The Lazarus Group is infamous for its involvement in major cyberattacks, including a notable 2014 attack on Sony Pictures, and has since become a prominent threat in the cryptocurrency industry.
Since then, they have redirected their efforts towards targeting crypto protocols, resulting in the successful theft of billions of dollars. One notable instance took place in March 2022, when they absconded with $600 million from the Ronin Network, a bridge utilized by the widely popular Web3 game, Axie Infinity.
According to the report, between 2021 and 2023, an estimated $1.9 billion has been stolen from numerous cryptocurrency projects, with the Ronin Network hack being the most significant breach. In 2023, Lazarus Group carried out a total of five successful attacks, with one notable incident being the theft of $70 million from the Hong Kong-based cryptocurrency exchange, CoinEx, in September.
Blockchain analytics firm, Elliptic, uncovered that a portion of the pilfered funds were routed through a cryptocurrency wallet address previously linked to Lazarus, indicating its utilization for money laundering endeavors.
Despite the concerning data, 2023 has experienced a reduction in the overall monetary losses from digital asset hacks compared to prior years. As reported by TRM Labs, a blockchain analytics firm, the total amount of stolen funds has decreased by over 50%, while the number of attacks has remained relatively constant.
This decline can be attributed to the implementation of enhanced cybersecurity measures within the industry and the increased attention from law enforcement agencies. Additionally, the decrease in prices may have diminished the profitability of such hacking endeavors.
However, despite the overall decline, the Lazarus Group remains a significant threat. In 2023, they altered their strategy and started focusing on targeting centralized finance (CeFi) platforms such as CoinEx, rather than decentralized protocols. They also targeted users of the noncustodial crypto wallet Atomic and the online casino and betting platform Stake.com.
Law enforcement agencies have been proactive in combating these illicit activities by tracing stolen funds and disrupting services known as crypto mixers. These mixers enable the combining and distribution of digital assets, thereby making tracking and investigation more complex.
According to Bitcoinist, the US Treasury Department imposed sanctions on Tornado Cash, a well-known mixing service, in August 2022. In September 2023, two of its founders were indicted on charges of money laundering. In November, the US Treasury Department also imposed sanctions on Sinbad.io, another mixing service that is frequently utilized by the Lazarus Group.
In order to further tackle digital exploits, the Treasury Department intends to broaden its supervisory authority over the sector. Deputy Secretary Wally Adeyemo proposed stricter know your customer (KYC) standards for decentralized platforms such as mixers and wallet providers during a crypto industry policy summit in late November.
Overall, while efforts to mitigate cyber threats in the crypto industry are ongoing, the persistence and evolving tactics of groups like Lazarus highlight the need for continued vigilance and proactive measures to safeguard the ecosystem.
Strengthening cybersecurity practices, enhancing regulatory oversight, and fostering international cooperation will play crucial roles in combating cryptocurrency-related cybercrime.
According to an investigation by cryptocurrency sleuth ZachXBT, the Lazarus Group laundered $200 million worth of cryptocurrency into fiat currency between August 2020 and October 2023.
JinseFinanceLazarus Group, notorious for $3 billion crypto exploits, withdrew $1.2 million Bitcoin from a coin mixer. Blockchain analysis by Arkham reveals their $79 million wallet. Recent attacks align with Lazarus's known patterns, raising concerns.
BerniceJinseFinanceLazarus Group's typical approach involves luring victims with enticing employment offers at reputable companies, tricking them into downloading malicious payloads disguised as documents.
DavinThe seizure was coordinated between Binance, Huobi, and Elliptic.
cryptopotatoIt is claimed North Korea is funding its nuclear weapons through cryptocurrency theft.
BeincryptoNorth Korea-linked cybercrime syndicate Lazarus Group has reportedly transferred $63.4 million in Ethereum from 2022’s mammoth Harmony bridge hack, depositing it on Binance, Huobi, and OKX.
decryptThe notorious North Korean hacker collective known as Lazarus has had a busy weekend moving millions of dollars in Ethereum.
cryptopotatoBlueNoroff has expanded its criminal activities to include posing as venture capitalists looking to invest in crypto startups.
decryptdeBridge Finance survives an attempted phishing attack, points a finger at the North Korean Lazarus Group, and warns the wider community to be on guard.
Cointelegraph