Lazarus Group, a cybercriminal organization allegedly backed by North Korea, has expanded its tactics by targeting LinkedIn users, according to the cybersecurity firm SlowMist. The group has been carrying out a sophisticated phishing operation, posing as a senior executive from Fenbushi Capital, a well-known Chinese blockchain asset management company.

SlowMist has uncovered the group’s scheme, which involves creating fake LinkedIn profiles and initiating private conversations with potential victims to gain their trust. The hackers then send malicious links disguised as meeting invitations or event pages, leading to phishing attacks aimed at stealing sensitive information or crypto assets. SlowMist’s investigation revealed that the hackers primarily target prominent DeFi projects, using the guise of investment company members to deceive their victims.

The scale of crypto-related cybercrime is significant, with $1.7 billion worth of funds stolen from the crypto space across 231 hacks in 2023 alone, according to Chainalysis.

While Lazarus Group’s activities on LinkedIn have gained attention, they have also been involved in exploitation attacks on other platforms. They recently transferred $12 million in Ether using Tornado Cash, a popular coin mixer. Additionally, their activities have had an impact on specific cryptocurrencies, such as Railgun, which experienced a decline in price following Lazarus’ illicit activities on the platform. Railgun has denied any association with the hacker group. Elliptic’s analysis suggested that Lazarus Group used Railgun to launder over $60 million worth of stolen Ethereum in June 2022, leading to controversy and a decline in the effectiveness of Railgun as a privacy protocol.

Reports indicate that Lazarus Group has stolen over $3 billion worth of digital assets globally to date, with 40% of North Korea’s weapons of mass destruction being funded through illicit cyber means. The U.S. and its allies consider North Korea’s state-sponsored malware initiatives a threat to national security and have sanctioned crypto mixers, such as Sinbad, for their involvement in digital asset exploitation.