The notorious Lazarus Group, linked to North Korea, has been spotted moving crypto assets through mixers and developing new cyber threats.
Recent Asset Movements by Lazarus Group
On March 13, blockchain security firm CertiK detected a deposit of 400 ETH, equivalent to around $750,000, into Tornado Cash. These assets trace back to the activities of the Lazarus Group, known for major hacks of exchanges like Bybit and Phemex.
New Threats: Uncovering Malicious Software
Researchers at Socket have uncovered six new malicious packages published by Lazarus hackers in the Node Package Manager (NPM) ecosystem. The packages are designed to infiltrate developer environments, steal data, and install backdoors.
Attack Approaches and Methods
The malware targets popular crypto wallets such as Solana and Exodus and relies on typosquatting, publishing packages under names that closely resemble legitimate ones so that developers install them by mistake. The attack focuses on browsers and macOS systems, collecting file system and keychain data. While definitive attribution to Lazarus is challenging, the tactics indicate their involvement.
Lazarus Group continues to pose a threat to the global cryptocurrency ecosystem, intensifying its hacking efforts and movement of stolen assets. Experts advise exercising caution and adopting security measures.