SlowMist Uncovers North Korea’s Lazarus Group Deceptive Disguise
2024
2024
DEFI
APRIL
SECURITY
SlowMist, a leading Blockchain security firm has uncovered Lazarus Group’s crafty plot, a cyber-hacker entity allegedly backed by the North Korean Government.
As SlowMist revealed on Monday, the cyber-hacker entity has continued in its sneaky business as it is targeting LinkedIn users by pretending to be an executive from Fenbushi Capital, a Chinese blockchain asset management firm. The imposters even used the real profile picture of Remington Ong, a Fenbushi Capital partner.
SlowMist’s Chief Information Security Officer ( CISO) shared a screenshot on X, showing the LinkedIn scammer using the name ‘Nevil Bolson,’ claiming to be a founding partner at Fenbushi. The CISO also found out that “Nevil Bolson ” was part of Lazarus by comparing IP addresses and noticing the same attack strategy being used.
Watch out for the #Lazarus
attack on the fake Fenbushi Capital on linkedin! @fenbushi @SlowMist_Team @boshen1011 @VitalikButerin
pic.twitter.com/cAjAcPqkNj
— 23pds (@im23pds) April 29, 2024
Beware of Sneaky Links From Lazarus Group
According to 23pds, Lazarus Group would use this fake profile to privately chat with their targets on LinkedIn, pretending to be interested in investment opportunities. Then, they would suggest meeting up. Three weeks ago, the impostor shared a message saying, “Looking for Software developers. Please reach out to me for more discussion.”
The security firm revealed in a blog that the Lazarus Group specifically focuses on well-known DeFi projects. This is one of the tactics the hacker group employs by pretending to be affiliated with an investment company. Once they gain the victim’s trust, the imposter sneaks in harmful links disguised as meeting invitations or event pages. Clicking on these links triggers a phishing attack. It has been confirmed that this fake LinkedIn profile is still active.
In 2023, it was reported that North Korea has been associated with the culprits that stole about 33% of crypto hacks. The UN Security Council also revealed that 50% of foreign currency owned by North Korea was gained through cyber hacks and attacks.
Security Breaches in the Cryptoworld
Over the years, several crypto companies have fallen victim to cyber hacks and attacks and according to Chainalysis, around 231 hacks in the crypto space resulted in approximately $1.7 billion being stolen in 2022.
In 2022, Skakeeb Ahmed, a computer security engineer was charged for getting involved in a flash loan worth millions of dollars attacked on Nirvana, a decentralized crypto exchange. In the year, it was also reported that the users of Curve Finance, a decentralized Finance (DeFi), lost funds to cyber hacks.
Early this year, the US Department of Justice made a significant stir by bringing charges against two people and securing a guilty plea from another individual.
The post SlowMist Uncovers North Korea’s Lazarus Group Deceptive Disguise appeared first on Latest News and Insights on Blockchain, Cryptocurrency, and Investing.
