We’re taking an in-depth look at how Lazarus launders stolen money, and how investigators, exchanges, and financial institutions can leverage blockchain forensic tools like those provided by Chainalysis to fight back. In this edition of the CrimeCast, we’re joined by Jonathan Levin, the co-founder and Chief Strategy Officer of Chainalysis, a leading blockchain intelligence and investigations firm.

The DOJ listed 145 virtual currency accounts and addresses that were used to launder the funds, 20 of which were included in a sanction designation, and any dealings with them carry civil and criminal penalties. government took action against two Chinese nationals for their role in helping the North Korea-aligned Lazarus Group launder funds stolen in cryptocurrency exchange hacks. Those looted funds are typically moved through exchanges and into the traditional financial sector, creating risks for both crypto firms and banks.

Last August, a UN panel estimated the country was responsible for over $500 million in funds stolen from exchanges. North Korea, have targeted cryptocurrency exchanges in recent years, with considerable

In conversation with Jonathan Levin, co-founder and Chief Strategy Officer, Chainalysis

by sanctions, the government of North Korea has turned to an unexpected outlet to generate funds and move money – cryptocurrency crime.

This latest attack has almost the same implementation method as previous attacks done by this organization. It can be seen that cross-chain protocols have always been the main target of this criminal organization.
“Please stay SAFU and share this thread to let everyone know about potential attacks.” The co-founder then urged the firms and their employees to never open email attachments without verifying the sender’s full email address and to have an internal protocol for how teams share attachments.

“The attack vector is as follows: user opens a link from email -> downloads & opens archive -> tries to open PDF, but PDF asks for a password -> user opens and infects the whole system.”

Therefore, without anti-virus software the malicious file can enter the machine and is saved in the autostart folder, after which a simple script starts sending repeated requests to the attacker to receive instructions. The text file will basically infect the system. Instead, Windows users will be redirected to an archive with a suspicious password-protected PDF file with the same name and an additional file named. On the other hand, the Windows system is not immune to dangers. Smirnov further explains that macOS users are safe, as opening the link on a Mac will result in a zip archive with the normal PDF file Adjustments.pdf.

“PSA for all teams in Web3, this campaign is likely widespread.” This helped them investigate the attack vector and understand its consequences.

“1/ has been the subject of an attempted cyberattack, apparently by the Lazarus group.”

While deBridge Finance tries to prevent the phishing attack, Smirnov warns that the fraud campaign is likely to broadly target Web3-focused platforms.

According to a long Twitter thread by moderators, most team members immediately flagged the email as suspicious, but one person downloaded and opened the file.

The group has been active since at least 2009, and was reportedly responsible for the November 2014 destructive wiper attack against Sony Pictures Entertainment as part of the campaign Operation Blockbuster, which was named by Novetta.
Cross-chain protocol co-founder and project lead, Alex Smirnov, alleges that the attack vector was an email, in which several team members received a PDF file titled “New Salary Adjustment” from a fake address that copies the CEO’s address.

Lazarus Group is a threat group that has been attributed to the North Korean government. The notorious North Korea-backed hacking organization Lazarus Group has been identified as the perpetrator of a cyber attack against deBridge Finance.

Our forums and mailing-list offer a space to ask questions and talk to users and the developers. Our wiki provides tutorials, documentation and ideas. It includes scientists and students, pupils and teachers, professionals and hobbyists. Lazarus has a huge community of people supporting each other.

deBridge becomes the next target of Lazarus Group

The co-founder of deBridge Finance accused Lazarus Group of being the culprit in this cross-chain protocol attack through an email containing a malicious file.