The Lazarus Group is a North Korean state-sponsored cyber actor and one of the most sophisticated advanced persistent threats (APTs) in North Korea. This week, the US Government issued a warning stating that the entity targets organizations in the cryptocurrency and blockchain technology industries.
We want to help our followers who are cryptocurrency enthusiasts stay safe in their investing and trading journey. We believe this news about the Lazarus Group can help them be well-informed and proactive.
According to the news posted online by Infosecurity Magazine, a digital publication focused on the technology, strategy, and insight of information security, the Lazarus Group has been active since 2009.
This malicious entity has been responsible for many high-profile attacks in the past, leading it to gain global attention. As an APT, the Lazarus Group employs clandestine, continuous, and sophisticated hacking methods to gain access to a system and stay inside for prolonged periods.
Such operations can have potentially destructive outcomes, per the definition of an APT posted on Kaspersky.com. This week, the US Government, represented by the United States Department of the Treasury, the Federal Bureau of Investigation, and the Cybersecurity and Infrastructure Security Agency (CISA), issued a joint advisory.
Their statement revealed that the notorious Lazarus Group is presently using trojanized cryptocurrency applications to target organizations operating in the virtual currency industry. The US Government cautioned groups like cryptocurrency trading companies, cryptocurrency exchanges, and venture capital funds that have invested in cryptocurrency.
Additionally, it warned play-to-earn video game operators and people holding large amounts of valuable non-fungible tokens (NFTs) and crypto-assets. The US Government said that the Lazarus Group comprises North Korean threat actors that use social engineering techniques on different communication platforms.
These cybercriminals entice their victims to download trojanized virtual currency applications on macOS or Windows operating systems. Furthermore, the Lazarus Group targets cryptocurrency companies’ employees working in system administration, information technology operations, or software development.
The US Government said these North Korean threat actors usually impersonate recruiters offering high-paying employment opportunities. They use the applications to gain access to the victim’s computer; once downloaded, the software propagates malware across the network environment.
Then, the Lazarus Group’s attackers steal their victims’ private keys or exploit other security gaps. The attackers then carry out further activities that initiate fraudulent blockchain transactions.
The US Government’s advisory also gave a series of suggestions to blockchain and cryptocurrency organizations to mitigate the risks from the Lazarus Group. These recommendations cover areas such as incident response, patch management, and email security tools.
Moreover, the US Government provided advice on user education and multi-factor authentication. We agree that it is, indeed, concerning to discover the Lazarus Group, which has been responsible for a spate of cyberattacks worldwide for over a decade.
We recommend that cryptocurrency organizations, traders, and investors stay well-informed and refer to the US Government’s latest advisory. We believe that, although the Lazarus Group may seem a potent foe, through proper education, virtual currency users and entities can keep themselves from being harmed by these malicious actors.