Lazarus
-
Blog
OKX suspends DEX aggregator after Lazarus hackers try to launder funds
OKX Web3 has decided to suspend its DEX aggregator services to implement security upgrades following reports of abuse by the notorious North Korean Lazarus hackers, who recently conducted a $1.5 billion crypto heist. OKX is a leading global cryptocurrency exchange that offers a wide range of trading options, including spot and derivatives trading and decentralized finance (DeFi) services. As of…
Read More » -
Blog
North Korean Lazarus hackers infect hundreds via npm packages
Six malicious packages have been identified on npm (Node package manager) linked to the notorious North Korean hacking group Lazarus. The packages, which have been downloaded 330 times, are designed to steal account credentials, deploy backdoors on compromised systems, and extract sensitive cryptocurrency information. The Socket Research Team discovered the campaign, which linked it to previously known Lazarus supply chain operations.…
Read More » -
Blog
FBI confirms Lazarus hackers were behind $1.5B Bybit crypto heist
FBI has confirmed that North Korean hackers stole $1.5 billion from cryptocurrency exchange Bybit on Friday in the largest crypto heist recorded until now. The state-sponsored hacking group (tracked as TraderTraitor, Lazarus Group, and APT38) intercepted a scheduled transfer of funds from one of Bybit’s cold wallets into a hot wallet, subsequently redirecting the cryptocurrency to a blockchain address under…
Read More » -
Blog
Lazarus hackers used fake DeFi game to exploit Google Chrome zero-day
The North Korean Lazarus hacking group exploited a Google Chrome zero-day tracked as CVE-2024-4947 through a fake decentralized finance (DeFi) game targeting individuals in the cryptocurrency space. Kaspersky discovered the attacks on May 13, 2024, and reported the Chrome zero-day flaw to Google. Google issued a fix for CVE-2024-4947 on May 25, with Chrome version 125.0.6422.60/.61. Lazarus tank games Kaspersky discovered the…
Read More » -
Blog
Russian laundering millions for Lazarus hackers arrested in Argentina
The federal police in Argentina (PFA) have arrested a 29-year-old Russian national in Buenos Aires on charges of money laundering related to cryptocurrency proceeds belonging to the North Korean Lazarus hackers. The San Isidro Specialized Fiscal Unit in Cybercrime Investigations (UFEIC) collaborated with blockchain analysis firm TRM Labs to identify and locate the individual despite him using a complex transactions network…
Read More » -
Blog
Windows driver zero-day exploited by Lazarus hackers to install rootkit
Image: Midjourney The notorious North Korean Lazarus hacking group exploited a zero-day flaw in the Windows AFD.sys driver to elevate privileges and install the FUDModule rootkit on targeted systems. Microsoft fixed the flaw, tracked as CVE-2024-38193 during its August 2024 Patch Tuesday, along with seven other zero-day vulnerabilities. CVE-2024-38193 is a Bring Your Own Vulnerable Driver (BYOVD) vulnerability in the Windows Ancillary Function…
Read More »