Out of fourteen separate exchange breaches, five have been attributed to the group, among them the industry record-breaking $532 million NEM hack of Japan’s Coincheck this January.
The report, dedicated to hacks in 2017 and 2018, identifies the allegedly state-sponsored hacker group Lazarus as responsible for $571 million of the $882 million total in crypto that was stolen from online exchanges during the studied time period; almost 65 percent of the total sum.
Hacker group “Lazarus,” reportedly funded by North Korea, has stolen a staggering $571 million in cryptocurrencies since early 2017, a study conducted by cybercrime company Group-IB reveals.
The report states that hackers target cryptocurrency exchanges using mostly “traditional” methods, including spear phishing, social engineering, and malware:
“After the local network is successfully compromised [through downloaded malware], the hackers browse the local network to find workstations and servers used working with private cryptocurrency wallets.”
The report, which also includes a cybercrime forecast, predicts the number of attacks on exchanges to increase in the future, as an alternative to traditional targets such as banks.
U.S. experts have previously alleged that North Korea is “increasingly” turning to crypto as a tactic to circumvent sanctions, claiming that the country’s government is hiring people to “launder” cryptocurrencies via multiple wallets and exchanges, as well as so-called mixing services, with the aim of obtaining sanction-free U.S. dollars.