Is Lazarus Group the biggest threat to crypto in this bull market? 


Web3 security experts believe that North Korea's Lazarus Group will be the most prominent and sophisticated threat to the crypto industry in 2024.

Earlier this week, the infamous Lazarus Group reportedly funneled $12 million through the crypto mixer Tornado Cash. The funds were allegedly linked to the operation last November. Cooperative and the Heco Bridge hack, in which the platforms lost more than $90 million.

However, this was not the group's only heist in 2023. Throughout the year, North Korean-backed hackers compromised assets worth more than $400 million across several crypto platforms, including CoinEx, Poloniex, and Atomic Wallet. In 2022, the group was responsible for the largest DeFi hack in history, compromising the Ronin network to steal approximately $620 million.

The Lazarus attacks came during a prolonged bear market in the cryptocurrency industry, which was reeling from the effects of the collapse of FTX and Terra Luna. In 2024, with the bull market, major tokens hitting all-time highs and new meme coins bringing billions of dollars into the market, concerns about Lazarus are more prominent than ever.

Lazarus hacks in the second half of 2023

To understand how the industry should prepare for such risks, we contacted web3 security provider Cyvers, which exclusively detected the Poloniex hack last year.

How does Lazarus carry out its million-dollar crypto heists?

According to Cyvers CEO Deddy Lavid, the Lazarus Group has significantly changed its cyber attack strategies in 2023, targeting centralized entities with a refined and dynamic approach. Going beyond traditional phishing and brute force methods, the group now employs AI-powered phishing campaigns and complex smart contract exploits.

Onchain topologies used by Lazarus hackers | Image provided by Cyvers

Specifically, the attacks on Poloniex and HTX focused on stealing private keys and launching a series of small attacks in a short period of time. The group also used pre-programmed bots to execute automated attacks. These bots tend to remain in a system undetected for a long time before they start exfiltrating assets.

Lavid also mentioned that the Lazarus Group's operational methods resemble military precision, reflecting a level of professionalism that is rare among cybercriminal syndicates. Lavid describes a recurring pattern in its attacks: initial infiltration through social engineering, remaining dormant within the target organization for months, and stealing private keys for a series of rapid, well-orchestrated attacks involving shams and fast, anomalous transaction rates.

The preparatory phase is followed by dispersing the stolen assets across multiple blockchains and finally funneling them through mixers or exchanges for laundering.

So while the 2024 cryptocurrency bull run offers an exhilarating outlook for investors and innovators alike, it also presents an urgent call to arms for the security sector.

“My analysis emphasizes the need for greater security measures in the cryptocurrency and blockchain space, urging a deeper recognition of the importance of information security, a call for more security professionals, and a focus on proactive attack prevention.”

– Deddy Lavid, Cyvers CEO

In 2024, Lavid envisions a crypto market that overcomes its nascent vulnerabilities to adopt a more mature approach to security.

Crypto platforms must allocate greater resources to develop security expertise within companies and a holistic strategy that prevents attacks and comprehensively addresses potential fraud across the blockchain.
