North Korea’s Lazarus Hacking Group Using LinkedIn to Target and Steal Assets: Report

North Korean hacker group Lazarus is using LinkedIn to target vulnerable users and steal their assets through targeted malware attacks.

The incident came to light after blockchain security analytics firm SlowMist reported that Lazarus Group hackers were posing as blockchain developers in the cryptocurrency industry via LinkedIn.

SlowMist says the hackers steal confidential employee credentials after inviting targets to their repository to run related code. That code contains malicious code that steals the victim's confidential information and assets.

Source: SlowMist

Using LinkedIn for targeted attacks is not a new tactic: a North Korean hacking group used a similar approach in December 2023, posing as a fake Meta recruiter.

After contacting the victims on LinkedIn, the fake employer asked the targeted “applicants” to download two coding tests as part of the hiring process. These two code files contain malware and release a Trojan that allows remote access when run on a work computer.

Lazarus has stolen more than $3 billion in crypto assets. It is one of the most notorious and organized hacking groups; it first emerged in 2009 and continues to target crypto companies despite several sanctions.

Lazarus is known for using innovative ways to target victims and steal money. In August 2023, the group used fake job interviews to steal $37 million from crypto payment firm CoinsPaid. The hackers attempted to infiltrate CoinsPaid infrastructure by targeting individuals with fake high-paying job offers.

The group has been behind some of the biggest heists in the crypto industry. The 2022 Ronin Bridge hack was the largest, with $625 million stolen.

The hacking group often uses crypto mixing services to repatriate the stolen funds to North Korea, where they are reportedly used to fund the country's military operations.

Although crypto companies are a target for hacker groups, the decentralized nature of blockchain makes it difficult for the groups to move the funds. Once identified, the funds are often monitored and blocked with the help of crypto platforms.

In February 2023, Huobi and Binance froze $1.4 million worth of crypto assets linked to North Korea. Similarly, assets worth $63 million linked to the Harmony Bridge hack were also frozen by crypto exchanges.
