The North Korean-related Lazarus Group is adopting a new way of violating crypto companies. It sends cryptocurrency to targets as part of an elaborate social engineering scheme.
According to 23pds, the pseudonym Chief Information Security Officer (CISO) at Web3 security company Slowmist, the tactic aims to gain victim trust before deploying malicious code.
23pds revealed that one recipient received at least $400 in USDT, but the actual payments could reach thousands.
He said:
“Lazaro Hackers make hundreds or thousands of dollars to pay victims directly, just to gain the trust of the victim.”
These payments are designed to make the attacker look legal, increasing the likelihood that the victim will comply with the request.
Social Engineering Hack
Unlike traditional cyberattacks that harness technical vulnerabilities, the social engineering hack approach focuses on manipulating human behavior.
Hackers identify employees working in crypto companies, establish contacts, and send digital assets to gain credibility. Once trust is established, they trick the victim into running malicious code built into the background.
These interactions often occur via private Github repository or live chat tools. Once access is granted, the attacker manipulates the victim to execute compromised code, allowing for fraudulent entries into the company system.
With this in mind, 23pds warned that crypto companies must train their employees to enhance their internal security measures and recognize such deceptive tactics.
He added:
“All platforms, PLS should check themselves, be careful about safety and train staff on safety awareness.”
North Korean hackers
The incident highlights the evolving nature of crypto-related crimes as industry security concerns grow. It also suggests that the Lazarus group may be preparing for a revival after its activity declined in late 2024.
In 2024, North Korean-backed hackers stole $1.34 billion, a total of $2.2 billion stolen from the crypto sector. This marked a staggering 103% increase from $660 million due to North Korea in 2023.
However, their attack frequency has dropped significantly after a late June 2024 summit between Russian President Vladimir Putin and North Korean leader Kim Jong Un.
Discover more from Earlybirds Invest
Subscribe to get the latest posts sent to your email.
