Cyber Heist Alert: North Korea Hackers Lazarus Group Use LinkedIn To Prey on Crypto Firms

Cyber Heist Alert: North Korea Hackers Lazarus Group Use LinkedIn To Prey on Crypto Firms

The notorious Lazarus Group, a cyber-hacker entity backed by North Korea, appears to have escalated its fraudulent activities to attack crypto by exploiting LinkedIn’s professional networking platform. This cyber threat has been detailed in a report by SlowMist, a leading information security firm.

The Lazarus Group, known for its elaborate cyber offenses, has now impersonated high-profile figures within the crypto industry to orchestrate phishing attacks that jeopardize personal and organizational security.

Deceptive Identities And Phishing Ploys

SlowMist’s chief information security officer findings posted on X expose how the Lazarus Group masquerades as reputable figures from institutions such as Fenbushi Capital. By assuming the identity of executives, the hackers gain unwarranted trust.

For instance, one fake profile identified as “Nevil Bolson,” purportedly a founding partner at Fenbushi, was used to mislead victims. This profile even misappropriated the image of Fenbushi’s real partner, Remington Ong, adding a layer of authenticity to the deceit.

The strategy is alarmingly effective; once trust is established, cybercriminals deploy malicious links disguised as benign communication, such as meeting invitations or event pages.

Unsuspecting victims, believing they are interacting with a legitimate contact, are tricked into clicking these links, which leads to the deployment of malware designed to steal critical information and digital assets.

Exploitation extends beyond simple identity mimicry. The Lazarus hackers have refined their phishing techniques to include offers of fake jobs or investment opportunities, thus broadening their scamming horizons.

They send coding challenges or job applications embedded with malware under the guise of recruitment processes. When executed, these files install Trojans that provide remote access to the victim’s systems, allowing for extensive data theft and financial fraud.

Notably, this surge in sophisticated phishing strategies on platforms like LinkedIn underscores a significant shift in how cybercriminals target the crypto sector. The involvement of such platforms in cybersecurity breaches points to an urgent need for heightened vigilance and strong security protocols within the industry.

Economic Impact Of Lazarus Crypto Attacks

Groups like Lazarus’s activities threaten individual security and impact the country’s economic sector.

According to the United Nations, such cyber operations are estimated to constitute about 50% of North Korea’s foreign currency earnings, which are instrumental in funding its weapons development programs.

This revelation highlights the broader geopolitical implications of cryptocurrency thefts, which serve as a significant revenue stream for state-sponsored activities.

Moreover, these hackers’ evolving tactics signify that while traditional methods of cyberattacks might be effectively countered, adversaries are continually adapting.

Recent insights from Chainalysis emphasize a notable shift: although the total value looted by these cyber incursions has declined, the frequency and sophistication of attacks continue to rise.

The global crypto market cap value on TradingView
The global digital currency market cap value on the 1-day chart. Source: Crypto TOTAL Market Cap on

Featured image from Unsplash, Chart from TradingVoew


No comments yet. Why don’t you start the discussion?

Leave a Reply

Your email address will not be published. Required fields are marked *