The FBI has unveiled evidence connecting a North Korean hacking group known as 'Lazarus' to the massive crypto heist of over $100 million – one of the biggest digital currency thefts to date.
According to a new report by the bureau, the group was behind the cyber attack executing orchestrated cryptocurrency thefts, involving a range of methods, including hacking into exchanges, deploying sophisticated malicious software, and deploying malware to gain backdoor access to victims' systems.
The FBI report states that the Lazarus group, which has been linked to the North Korean government since 2016, was behind a series of cyberattacks against cryptocurrency exchanges and other cryptocurrency-related targets.
Coordinated in multiple operations, beginning in 2017 and lasting through early 2018, the hackers reportedly stole more than $100 million worth of cryptocurrency from the victims. The currency was then laundered using the same exchange it was stolen from, as well as other exchanges around the world, the FBI adds.
Some of the currency stolen is said to have been recovered, however, the agency noted that a "substantial amount" remains outstanding.
The attacks were typically preceded by a highly targeted malware attack, often using spear phishing emails as a way to gain access to a victim's computer. Once the malicious code was deployed, it would allow the hackers to disguise their tracks and initiate the cryptocurrency theft.
Targeted attack techniques were used to steal the currency, including the use of sophisticated malware, known as a Remote Administration Tool (RAT) to gain backdoor access. The hackers also used extensively created malicious accounts and fake emails and websites to disguise the origin of the transactions and transactions.
The Lazarus group was also likely behind an attempted $1 billion ransomware attack at the same time, according to experts. Fortunately, the attempted ransom payment was blocked, but the attack highlighted the dangers of tainted cyberattacks, and the need for strict security protocols.
The FBI report is a stark reminder of the need for robust cyber security measures on any system handling large sums of money. It also provides further evidence for the need for continued vigilance and monitoring of malicious activity, in order to protect against increasingly sophisticated cyber-criminals.
This Cyber News was published on therecord.media. Publication date: Wed, 25 Jan 2023 17:13:02 +0000