North Korean State-Sponsored Lazarus Group Estimated to Have Caused $1.7B in Crypto Hacks

The Lazarus Group, a hack­ing orga­ni­za­tion with ties to the North Kore­an gov­ern­ment, has report­ed­ly caused a stag­ger­ing $1.7 bil­lion in loss­es through a series of sophis­ti­cat­ed cyber­at­tacks last year. 

The group has been linked to a series of recent high-pro­file hacks, amount­ing to more than $95 mil­lion in loss­es in just the past 10 days, accord­ing to cyber­se­cu­ri­ty firm ArkhamIntel. 

The alarm­ing scale and fre­quen­cy of these attacks have prompt­ed con­cern across sec­tors: from gov­ern­ment agen­cies to finan­cial institutions.

Racking up millions in days

With­in the past week, the FBI iden­ti­fied the Lazarus Group as the cul­prit behind a $41 mil­lion theft from Stake.com, an online bet­ting and casi­no plat­form. Addi­tion­al­ly, address­es con­nect­ed to the group were impli­cat­ed in the dis­ap­pear­ance of $54.3 mil­lion from the CoinEx cryp­tocur­ren­cy exchange. 

The stolen assets span mul­ti­ple cryp­tocur­ren­cies and are host­ed on var­i­ous blockchain net­works such as Ethereum, Binance Smart Chain, and Poly­gon. These attacks add to an already trou­bling tal­ly for 2023, where the group has stolen over $200 mil­lion from var­i­ous plat­forms, includ­ing Alphapo and CoinsPaid.

A pervasive cyber threat

Not lim­it­ed to cryp­tocur­ren­cy theft, the Lazarus Group has a long his­to­ry of crim­i­nal cyber activ­i­ties that are mul­ti­fac­eted and glob­al in scope. 

Their oper­a­tions have tar­get­ed not just finan­cial plat­forms but also var­i­ous gov­ern­men­tal and pri­vate sec­tors. The group has been active for years, employ­ing a wide array of tac­tics includ­ing spear-phish­ing, social engi­neer­ing, and even more com­plex attacks that com­pro­mise the inter­nal sys­tems of their targets.