north korean hackers

North Korean hacker BlueNoroff targets crypto firms with new malware

According to cybersecurity firm Recorded Future, North Korean hacker groups have stolen approximately $3 billion in funds since 2017.

BlueNoroff, the infamous North Korean hacker group responsible for a string of phishing and cybersecurity attacks since 2019, is targeting crypto firms with new malware that attacks macOS computers.

According to a report from SentinelLabs, the malware operation nicknamed “Hidden Risk” is spread through PDF files in multiple stages. The threat actors use fake news headlines and legitimate crypto market research to lure in unsuspecting individuals and companies.

Once the user downloads the PDF file, a seemingly legitimate decoy PDF is downloaded and opened, while the malware downloads as a separate file on the macOS desktop in the background.


‘BITSANITY’ — Records broken with $70B in volume for Bitcoin stocks, ETFs

US gov files complaints to seize assets from North Korean hackers

According to PeckShieldAlert, crypto hacks and exploits accounted for over $120 million in losses during September 2024.

The United States government filed two legal complaints on October 4, 2024, to begin seizing more than $2.67 million in digital assets stolen by the North Korean Lazarus hacking group.

According to the legal filings, the US government seeks to recover approximately $1.7 million in Tether (USDT) stolen by the organization in the 2022 Deribit hack — which left the options exchange drained of $28 million.

Once the hackers successfully breached a Deribit hot wallet, they passed the funds through the Tornado Cash mixer and several Ethereum (ETH) addresses in an attempt to avoid detection.


US Targets Lazarus Group and APT38 in $879M Crypto Forfeiture Complaint

Offshore Alert reporter David Marchant disclosed the United States has initiated two forfeiture complaints related to previously confiscated bitcoin (BTC) and tether (USDT), alleging that these funds were snatched by the notorious North Korean hacking groups Lazarus Group and Advanced Persistent Threat 38 (APT38). These cyber hacking syndicates are known for their operations to fund […]


Bitcoin ETFs are next major target for North Korean hackers — Cyvers

North Korean hackers could be eying the infrastructure around Bitcoin ETFs, lured by the $52 billion worth of cumulative holdings.

North Korean hackers, including the infamous Lazarus Group, may begin targeting larger objectives, including United States-based Bitcoin (BTC) exchange-traded funds (ETFs).

The Lazarus Group is associated with some of the most notorious hacks in the cryptocurrency space, including the biggest hack in decentralized finance, the $625 million Ronin bridge hack.

Hackers could start shifting their attention to the US Bitcoin ETFs due to the sizable potential bounty, according to Michael Pearl, vice president of GTM strategy at onchain security company Cyvers.


Report Uncovers North Korean Hackers’ Crypto Job Board Infiltration

North Korean hackers are infiltrating crypto job boards, posing as fake applicants to steal sensitive data, hack systems, and gather assets, according to a DL News investigation. More than 4,000 North Koreans have been directed to penetrate the tech industry, including crypto, by concealing their identities. This scheme reportedly generates up to $600 million annually […]


North Korean Hacker Group Targets South Korean Crypto Firms With New ‘Durian’ Malware

The North Korean hacker organization Kimsuky has employed a new malware named “Durian” in targeted cyber attacks against at least two South Korean cryptocurrency companies, according to a report by cybersecurity firm Kaspersky. This malware variant, characterized by its multifunctional backdoor capabilities, was distributed through exploiting legitimate security software specific to South Korean crypto firms, […]


South Korea plans to submit bill to freeze North’s crypto assets: Report

The cybersecurity bill’s latest version reportedly contains ways to “track and neutralize” crypto and digital assets stolen by North Korea, according to a local media report.

The government of South Korea is reportedly planning to submit a bill that will track and freeze North Korean crypto and virtual assets that are used to fund illicit weapons programs. 

According to a report by a local media outlet, the Korea JoongAng Daily, multiple anonymous government sources confirmed on Aug. 3 that the bill is in the works. A government official who remained anonymous reportedly said that the bill would reflect the president’s belief that the country’s cybersecurity framework needs to be repaired, the report said.

Another unnamed source who works in the administration said that the bill’s latest version contains ways to “track and neutralize” crypto and other virtual assets stolen by North Korea through hacks and exploits. According to the report, this was not included in the initial bill proposed by the National Intelligence Service (NIS) in November 2022. 

Apart from the new cybersecurity bill, the administration is also reportedly planning on creating a national cybersecurity committee under the direct control of the president. The committee enforces various measures to enhance the country’s defenses against hacking attempts by foreign entities.

According to the report, this committee will be headed by the National Security Office’s chief and will include the NIS director.


North Korean hackers have stolen a large amount of digital assets from numerous victims through different exploits. On Aug. 18, blockchain intelligence firm TRM Labs estimated that around $2 billion was lost to North Korean cyberattacks since 2018. The data shows that in 2023 alone, North Korea was responsible for the theft of $200 million worth of crypto, which is 20% of all the stolen funds this year.

Meanwhile, the United States Federal Bureau of Investigation (FBI) is also making an effort to track North Korean state-backed hackers. On Aug. 23, the FBI flagged six Bitcoin wallets connected to the North Korean hacking group Lazarus. The wallets had 1,580 Bitcoin (BTC), worth roughly $40 million, which is believed to be the spoils of various hacks.


North Korea’s Lazarus Group masterminded $100M Harmony hack: FBI confirms

The FBI also confirmed earlier reports this month by figures such as ZachXBT that the hackers had started moving a large chunk of the funds around via privacy protocols.

The Federal Bureau of Investigation (FBI) has confirmed the Lazarus Group and APT38 as the culprits behind the $100 million Harmony Bridge Hack from June 2022.

The North Korea-linked cyber group had long been suspected of being behind the attack but their involvement hadn’t been confirmed by authorities until now.

According to a Jan. 23 statement, the FBI noted that “through our investigation, we were able to confirm that the Lazarus Group and APT38, cyber actors associated with the DPRK, are responsible for the theft of $100 million of virtual currency from Harmony’s Horizon bridge.”

The Harmony Bridge hack in 2022 was the result of security holes in Harmony’s Horizon Ethereum bridge which allowed the cyber attackers to swipe a number of assets stored in the bridge via 11 transactions.

The FBI also outlined that the North Korean hackers started shifting around $60 million worth of the stolen funds earlier this month via the Ethereum-based privacy protocol RAILGUN. Blockchain sleuth ZachXBT previously highlighted this via Twitter on Jan. 16.

Notably, Binance also detected the hackers were trying to launder the funds through the Huobi crypto exchange, and then promptly assisted it in freezing and recovering the digital assets deposited by the hackers, according to CEO Changpeng Zhao.

“On Friday, January 13, 2023, North Korean cyber actors used RAILGUN, a privacy protocol, to launder over $60 million worth of Ethereum (ETH) stolen during the June 2022 heist,” the FBI stated, adding that “a portion of these funds were frozen, in coordination with some of the virtual asset service providers. The remaining bitcoin subsequently moved to the following addresses.”

In its statement, the FBI said its cyber and virtual assets units, as well as the U.S. Attorney’s Office and the U.S. Justice Department’s crypto unit, have continued “to identify and disrupt North Korea’s theft and laundering of virtual currency, which is used to support North Korea’s ballistic missile and Weapons of Mass Destruction programs.”


The Lazarus Group is a well-known hacking syndicate that has reportedly had a hand in a number of key exploits in the crypto industry, and is alleged to have been behind the $600 million Ronin Bridge hack from March last year.

In April 2022, the United States Treasury Department Office of Foreign Assets Control indicated as much by updating its Specially Designated Nationals and Blocked Persons (SDN) list to include the Lazarus Group following the hack.

That same month, the FBI and Cybersecurity and Infrastructure Security Agency also fired off a warning alert concerning North Korean state-sponsored cyber threats that target blockchain companies in response to the Ronin Bridge hack.


US Seizes Cryptocurrency Worth $30 Million From North Korean Hackers

Blockchain data analytics firm Chainalysis has revealed that U.S. authorities have seized cryptocurrency worth $30 million from North Korean hackers. “This marks the first time ever that cryptocurrency stolen by a North Korean hacking group has been seized, and we’re confident it won’t be the last,” the firm’s director of investigations said. $30 Million in […]


Dutch Law Enforcement Arrests Suspected Tornado Cash Developer in Amsterdam

According to a statement from the Dutch Fiscal Information and Investigation Service (FIOD), law enforcement officials in Amsterdam arrested an unnamed 29-year-old suspected of developing the ethereum mixing application Tornado Cash. FIOD accuses the suspect of “concealing criminal financial flows and facilitating money laundering through the mixing of cryptocurrencies.” Netherlands Law Enforcement Takes Suspected Tornado […]
