Lazarus Group Moves 400 ETH to Tornado Cash

North Korea’s Lazarus Group continues its crypto laundering operations, moving illicit funds while deploying new malware to target developers and steal digital assets.

On Mar. 13, blockchain security firm CertiK detected a deposit of 400 Ethereum (ETH), worth around $750,000, to Tornado Cash. The transaction was traced back to Lazarus’s activity on the Bitcoin (BTC) network. The group has been linked to a number of high-profile hacks, including the $1.4 billion Bybit exploit in February.

Following the hack, the group concealed the stolen funds using a variety of methods. To exchange and transfer large amounts of cryptocurrency, they used decentralized exchanges like THORChain (RUNE), which don’t require identity checks.

Reports show that in just five days, around $2.91 billion was moved through THORChain, making it much harder to track and recover the money.

In another wave of cyber attacks, Lazarus Group has also released six new malicious software packages on the Node Package Manager (npm) platform, a tool used by developers to manage and install JavaScript packages for their projects. On Mar. 11, security firm Socket published a report on the malware, which is designed to steal credentials and crypto wallet data.

The malware, including a package called BeaverTail, disguises itself as legitimate JavaScript libraries using typosquatting, where attackers slightly alter the names of trusted software to trick developers into downloading it. It primarily targets stored credentials in Chrome, Brave, and Firefox browsers, as well as Solana and Exodus wallets.

Additionally, the group has been trying to trick crypto founders by using fake Zoom calls. Hackers pose as venture capitalists and send fake meeting links, claiming audio issues. When victims download a supposed fix, malware is installed. Security researchers have reported that several crypto founders have encountered these scams.

According to Chainalysis, North Korean hackers stole over $1.3 billion in crypto across 47 attacks in 2024, more than double the amount stolen in 2023.
