BTC+4.86%
Crypto
S. Korea Successfully Foils Cyber Attack by US-Sanctioned Lazarus Group: Report
The South Korean police says Lazarus prepared for the attack by studying security software used by local institutions.
Editorial disclosureRead more
All reviews, research, news and assessments of any kind on The Tokenist are compiled using a strict editorial review process by our editorial team. Neither our writers nor our editors receive direct compensation of any kind to publish information on tokenist.com. Our company, Tokenist Media LLC, is community supported and may receive a small commission when you purchase products or services through links on our website. Click here for a full list of our partners and an in-depth explanation on how we get paid.
According to the South Korean police, Lazarus Group attempted to hack more than 200 computers belonging to 61 South Korean institutions last year through the so-called “watering hole” attack. However, the cybercrime organization did not cause any damage as the South Korean police managed to identify Lazarus’s activity and block the attempts.
Lazarus Attacked Over 200 Computers Belonging to 61 S. Korean Institutions
Lazarus, one of the most prominent crypto cybercrime groups based in North Korea, launched cyber attacks on hundreds of computers belonging to 61 institutions from South Korea in 2022, according to Yonhap News, citing a police report. The National Police Agency (NPA) said that since June 2022, Lazarus hacked 207 computers belonging to these institutions, including eight media companies.
The computers were compromised through a “watering hole” attack that targeted security software installed. According to the NPA, to prepare for the hack, Lazarus first attacked a South Korean firm that distributes security software that is typically used for installing security plug-ins for online banking and financial services. This software is estimated to be installed on more than 10 million computers in South Korea.
The NPA also said that Lazarus had a predetermined plan in 2021 to infiltrate INISAFE – the firm that develops security software. The well-known hacking group reportedly studied the software’s flaws in recent years to build malware, but the police managed to spot the group’s activity on South Korean networks and cooperated with other agencies to preemptively block Lazarus’s further access. The NPA said that the attempts caused no actual damage.
Join our Telegram group and never miss a breaking digital asset story.
What is the Lazarus Group?
Lazarus Group is a cybercrime organization believed to be run by the North Korean government. It is best known for stealing a whopping $620 million from a non-fungible token (NFT) game, Axie Infinity, in the biggest-ever crypto hack.
Reports from last year revealed that funds stolen in the Axie Infinity hack were moved through Tornado Cash, one of the most popular crypto mixers. Tornado was sanctioned by the US Treasury Department in August 2022 after becoming one of crypto hackers’ favorite toys.
Lazarus has been accused of numerous other major cyber-attacks recently, including the WannaCry 2.0 ransomware attack in 2017, the Bangladesh bank heist in 2016, and the Sony Pictures Entertainment hack in 2014. In 2020, the group stole $275 million from the crypto exchange KuCoin. The group snatched more than $400 million worth of crypto funds in 2021 alone.
Did you know that the Lazarus Group is likely run by members of the North Korean government? Let us know in the comments below.
Tim Fries
Tim Fries is the cofounder of The Tokenist. He has a B. Sc. in Mechanical Engineering from the University of Michigan, and an MBA from the University of Chicago Booth School of Business. Tim served as a Senior Associate on the investment team at RW Baird's US Private Equity division, and is also the co-founder of Protective Technologies Capital, an investment firm specializing in sensing, protection and control solutions.
