
north korea

Atomic Wallet Launches $1,000,000 Bug Bounty Program Months After Suffering Multi-Million Dollar Hack

Atomic Wallet is beefing up the security of its platform through a new initiative that will give monetary awards to those who discover potential vulnerabilities in its app. In a new statement, the decentralized wallet company says it is launching a bug bounty program with a cumulative prize pool of $1 million months after suffering […]

The post Atomic Wallet Launches $1,000,000 Bug Bounty Program Months After Suffering Multi-Million Dollar Hack appeared first on The Daily Hodl.

Cardano founder proposes Bitcoin Cash integration in X poll

$3,000,000,000 Worth of Crypto Stolen by North Korean Hackers in Six Years, Says Cybersecurity Firm

North Korea has greatly increased its focus on the crypto industry since 2017, stealing over $3 billion in digital assets, according to cybersecurity firm Recorded Future. The firm says that the North Korean regime has a “highly trained cadre of computer science professionals” with privileged access to new technology and information. State-backing allows the country’s […]

The post $3,000,000,000 Worth of Crypto Stolen by North Korean Hackers in Six Years, Says Cybersecurity Firm appeared first on The Daily Hodl.

Gaming-Focused Ethereum (ETH) Sidechain Ronin Integrates Binance Pay To Enable Easier Wallet Funding

A gaming-focused Ethereum (ETH) sidechain is integrating with Binance Pay as a means of making wallet funding easier for consumers. In a new blog post, Ethereum sidechain Ronin (RON) says that it is collaborating with the world’s largest crypto exchange by volume to make it easier to fund the Ronin crypto wallet. According to Ronin, […]

The post Gaming-Focused Ethereum (ETH) Sidechain Ronin Integrates Binance Pay To Enable Easier Wallet Funding appeared first on The Daily Hodl.

Bloomberg Analyst Says SEC Lining Up To Potentially Approve All Spot Bitcoin ETF Applications in January

A Bloomberg analyst says that the U.S. Securities and Exchange Commission (SEC) is gearing up to approve all bids for a spot market Bitcoin (BTC) exchange-traded fund (ETF). In a lengthy thread on the social media platform X, James Seyffart says that the SEC making earlier-than-expected rulings on Franklin’s bids for a BTC ETF means […]

The post Bloomberg Analyst Says SEC Lining Up To Potentially Approve All Spot Bitcoin ETF Applications in January appeared first on The Daily Hodl.

U.S. Government Enacts Sanctions on Crypto Mixer Sinbad Under Allegations of Aiding North Korean Money Laundering

The U.S. government is sanctioning another crypto mixing protocol, accusing it of aiding North Korea in laundering hundreds of millions of dollars worth of stolen digital assets. In a new press release, the U.S. Department of the Treasury says that its Office of Foreign Assets Control (OFAC) is sanctioning the crypto tumbler Sinbad for allegedly […]

The post U.S. Government Enacts Sanctions on Crypto Mixer Sinbad Under Allegations of Aiding North Korean Money Laundering appeared first on The Daily Hodl.

US Treasury sanctions crypto mixer Sinbad, alleging North Korea ties

The government department has previously imposed sanctions on crypto mixers Blender and Tornado Cash despite many in the space pushing back on actions against software tools.

The United States Treasury Department’s Office of Foreign Assets Control (OFAC) imposed sanctions on cryptocurrency mixer Sinbad, alleging the platform was responsible for laundering funds for the North Korea-based hacking group Lazarus.

In a Nov. 29 announcement, OFAC said Sinbad had “processed millions of dollars’ worth of virtual currency from Lazarus Group heists,” including the June 2022 hack of Horizon Bridge, the March 2022 hack of Axie Infinity’s Ronin Bridge and the June 2023 hack of Atomic Wallet. The hacks resulted in a combined loss of roughly $850 million at the time.

“Mixing services that enable criminal actors, such as the Lazarus Group, to launder stolen assets will face serious consequences,” said Wally Adeyemo, deputy secretary of the Treasury. “The Treasury Department and its U.S. government partners stand ready to deploy all tools at their disposal to prevent virtual currency mixers, like Sinbad, from facilitating illicit activities.”

Screenshot of Sinbad.io as of Nov. 29

This is a developing story, and further information will be added as it becomes available.

Apple MacOS malware targets crypto community and engineers

The social engineering attacks trick community members into downloading a malicious ZIP archive named ‘Cross-platform Bridges.zip’ — imitating an arbitrage bot designed for automated profit generation.

A new malware discovered on Apple’s macOS — tied to the North Korean hacking group Lazarus — has reportedly targeted blockchain engineers of a cryptocurrency exchange platform.

The macOS malware “KandyKorn” is a stealthy backdoor capable of data retrieval, directory listing, file upload/download, secure deletion, process termination, and command execution, according to an analysis by Elastic Security Labs.

MacOS malware (REF7001) execution flow. Source: elastic.co

The above flowchart explains the steps taken by the malware to infect and hijack users’ computers. Initially, the attackers spread Python-based modules via Discord channels by impersonating members of the community.

The social engineering attacks trick community members into downloading a malicious ZIP archive named ‘Cross-platform Bridges.zip’ — imitating an arbitrage bot designed for automated profit generation. However, the file imports 13 malicious modules that work together to steal and manipulate information. The report read:

“We observed the threat actor adopting a technique we have not previously seen them use to achieve persistence on macOS, known as execution flow hijacking.”

The cryptocurrency sector remains a primary target for Lazarus, primarily motivated by financial gain rather than espionage, their other main operational focus.

The existence of KandyKorn underscores that macOS is well within Lazarus’ targeting range, showcasing the threat group’s remarkable ability to craft sophisticated and inconspicuous malware tailored for Apple computers.

A recent exploit on Unibot, a popular Telegram bot used to snipe trades on the decentralized exchange Uniswap, crashed the token's price by 40% in one hour.

Blockchain analytics firm Scopescan alerted Unibot users about an ongoing hack, which was later confirmed by an official source:

“We experienced a token approval exploit from our new router and have paused our router to contain the issue.”

Unibot committed to compensating all users who lost funds due to the contract exploit.

North Korean Hackers Lazarus Group Holds Over $46,000,000 in Bitcoin, Ethereum and Other Crypto: On-Chain Data

The North Korean hacker collective the Lazarus Group holds tens of millions of dollars worth of Bitcoin (BTC) and other digital assets, according to the latest on-chain data. Researchers at 21.co, the parent company of 21shares, the world’s largest crypto exchange-traded product (ETP) issuer, have created a new dashboard showing the crypto holdings of the […]

The post North Korean Hackers Lazarus Group Holds Over $46,000,000 in Bitcoin, Ethereum and Other Crypto: On-Chain Data appeared first on The Daily Hodl.

North Korean Lazarus Group amasses over $40M in Bitcoin, data reveals

The North Korean hacking collective has at least $47 million in cryptocurrency, including Bitcoin, Ether, Binance Coin and various stablecoins, including Binance USD.

North Korean hacking collective Lazarus Group holds a whopping $47 million in cryptocurrency, most of which is in Bitcoin (BTC), new data shows. 

According to data collated on Dune Analytics from 21.co — the parent company of 21Shares — wallets associated with the Lazarus Group currently hold around $47 million worth of digital assets, including $42.5 million in Bitcoin, $1.9 million in Ether (ETH), $1.1 million in Binance Coin (BNB) and an additional $640,000 in stablecoins, primarily BUSD.

However, the amount of crypto held appears to have dropped from the $86 million the group held on Sept. 6, a few days after the Stake.com hack in which Lazarus was implicated.

The Dune dashboard tracks 295 wallets identified by the U.S. Federal Bureau of Investigation (FBI) and Office of Foreign Assets Control (OFAC) as being owned by the hacking group, it noted.

Lazarus Group crypto holdings. Source: Dune Analytics

Surprisingly, the group does not hold any privacy coins such as Monero (XMR), Dash, or Zcash (ZEC) which are arguably much harder to trace.

Meanwhile, Lazarus crypto wallets are still highly active with the most recent transaction being recorded on September 20.

21.co also noted that the group’s holdings are likely to be much higher than what has been reported. “We should note that this is a lower-bound estimation of Lazarus Group’s crypto holdings based on publicly available information,” it stated.

On September 13, Cointelegraph reported that the Lazarus group carried out the attack on crypto exchange CoinEx, which lost at least $55 million.

The FBI has also fingered Lazarus for the Alphapo, CoinsPaid, and Atomic Wallet hacks, which collectively added up to more than $200 million that the group stole in 2023.

However, Chainalysis reported that crypto thefts by North Korea-linked hackers are down a whopping 80% from 2022. As of mid-September, North Korea-linked groups had stolen a total of $340.4 million in crypto, down from a record $1.65 billion in pilfered digital assets in 2022.

Late last week, United States federal authorities warned of "significant risk" for potential attacks on U.S. healthcare and public health sector entities by the Lazarus Group.

3 steps crypto investors can take to avoid hacks by the Lazarus Group

The Lazarus Group has mastered the art of stealing crypto investors’ assets. Here are a few tips on how investors can protect their portfolios.

Cryptocurrency users frequently fall prey to online hacks, with Mark Cuban being just the latest high-profile example of how nearly a million dollars can leave your digital wallet.

It is possible to substantially bolster the security of your funds by heeding three simple guidelines that will be outlined in this article. But before delving into these, it's crucial to understand the type of threat that exists today. 

FBI has clear evidence on the Lazarus Group

The Lazarus Group is a North Korean state-sponsored hacking group known for sophisticated attacks and linked to various cyberattacks and cybercriminal activities, including the WannaCry ransomware attack.

WannaCry disrupted critical services in numerous organizations, including healthcare institutions and government agencies by encrypting files on infected computers and demanding a ransom payment in Bitcoin (BTC).

One of its earliest crypto-related hacks was the breach of South Korean crypto exchange Yapizon (later rebranded to Youbit) in April 2017, resulting in the theft of 3,831 Bitcoin, worth over $4.5 million at the time.

The Lazarus Group's activities in the cryptocurrency space have raised concerns about its ability to generate funds for the North Korean regime and evade international sanctions. For instance, in 2022 the group was tied to a number of high-profile cryptocurrency hacks, including the theft of $620 million from Axie Infinity bridge Ronin.

The Federal Bureau of Investigation (FBI) blamed Lazarus Group for the Alphapo, CoinsPaid and Atomic Wallet hacks, stating that losses from all of these hacks add up to over $200 million the group has stolen in 2023.

This month, the FBI attributed to Lazarus Group a $41 million hack of the crypto gambling site Stake, which was carried out through a spear-phishing campaign that targeted some of its employees.

Lastly, according to blockchain security firm SlowMist, the $55 million hack of the crypto exchange CoinEx was carried out by the North Korean state-sponsored hackers.

Most hacks involve social engineering and exploit human error

Contrary to what movies usually show, with hackers either gaining physical access to devices or brute-forcing passwords, most hacks occur through phishing and social engineering. The attacker relies on human curiosity or greed to entice the victim.

Those hackers may pose as customer support representatives or other trusted figures in order to trick victims into giving up their personal information.

For instance, a hacker might impersonate a company's IT support and call an employee, claiming they need to verify their login credentials for a system update. To build trust, the attacker might use public information about the company and the target's role.

Phishing attacks involve sending deceptive emails or messages to trick recipients into taking malicious actions. An attacker might impersonate a reputable organization, such as a bank, and send an email to a user, asking them to click on a link to verify their account. The link takes them to a fraudulent website where their login credentials are stolen.

Baiting attacks offer something enticing to the victim, such as free software or a job opportunity. An attacker poses as a recruiter and creates a convincing job posting on a reputable job search website. To further establish trust, they may even conduct a fake video interview, and later inform the candidate that they have been selected. The hackers proceed by sending a seemingly innocuous file, like a PDF or a Word document, which contains malware.

How crypto investors can avoid hacks and exploits

Luckily, despite the increasing sophistication and capabilities of hackers today, there are three simple steps you can take to keep your funds safe. Namely: 

  • Use hardware wallets for long-term storage of your crypto assets. They are not directly connected to the internet, making them highly secure against online threats like phishing attacks or malware. They provide an extra layer of protection by keeping your private keys offline and away from potential hackers.
Common crypto hardware wallets. Source: Enjin
  • Enable Two-Factor Authentication, or 2FA, on all your crypto exchange and wallet accounts. This adds an extra security step by requiring you to provide a one-time code generated by an app like Google Authenticator or Authy. Even if an attacker manages to steal your password, they won't be able to access your accounts.
  • Be extremely cautious when clicking on links in emails and on social media. Scammers often use enticing offers or giveaways to lure victims. Use separate "burner" accounts or wallets for experimenting with new decentralized applications and for airdrops to reduce the risk of losing your funds.

This article is for general information purposes and is not intended to be and should not be taken as legal or investment advice. The views, thoughts, and opinions expressed here are the author’s alone and do not necessarily reflect or represent the views and opinions of Cointelegraph.
