- Lazarus Group uses LinkedIn to impersonate recruiters and deploy malware targeting crypto industry professionals.
- Since 2009, Lazarus has stolen over $3 billion by exploiting the crypto sector, continuing their schemes despite global sanctions.
- Blockchain firms often freeze assets linked to Lazarus, hindering the group's ability to move funds; $64.4 million was frozen in 2023.
The North Korean hacker collective known as Lazarus has once again manipulated LinkedIn users into downloading malware that leads to substantial financial theft. The most recent analysis by the blockchain security company SlowMist uncovered this strategy, revealing the depth of Lazarus’s ongoing cyber assaults.
Innovative Tactics for Theft
SlowMist reported that individuals posing as job seekers in the blockchain and cryptocurrency sector connected with potential employers only to introduce dangerous software into their systems. This deceptive approach involved offering coding tasks purported to be part of the employment process, which were, in reality, Trojan horses designed to grant hackers remote access.
Once executed, this malware allowed the Lazarus group to siphon off vital information and assets. The technique was not novel; a similar incident occurred in December 2023 when Lazarus posed as a Meta recruiter, targeting unsuspecting users with malware-laced job opportunities.
A Legacy of Cyber Heists
Lazarus’s notorious history dates back to its emergence in 2009. Known for sophisticated cyber operations, the group has continually adapted its methods to target financial assets, particularly in the crypto industry. For instance, in August 2023, it diverted $37 million from CoinsPaid using a phony job interview scheme.
Despite various international sanctions, Lazarus has successfully executed several high-profile thefts, including the $625 million Ronin Bridge hack in 2022. These funds are often laundered through crypto mixers and are suspected of supporting North Korea’s military endeavors.
Crypto platforms play a critical role in combatting these thefts by freezing stolen assets. In the past year alone, exchanges like Huobi and Binance have managed to block over $64.4 million in transactions associated with Lazarus, showcasing the ongoing battle against such cyber threats within the decentralized environment of blockchain technology.