BitMEX said that it had thwarted an attempted phishing attack by the Lazarus Group, describing the attempt as the use of “incompetent” identity theft methods by the infamous group associated with North Korea.
In a blog post published on May 30, the crypto exchange described in detail how an employee was approached on LinkedIn under the guise of a Web3 NFT collaboration.
The attacker tried to lure the target into running a GitHub project containing malicious code on their computer, a tactic that the company says has become a hallmark of Lazarus operations.
“The interaction is quite known if you are familiar with Lazarus’s tactics,” BitMEX wrote, adding that the security team quickly identified the malicious JavaScript payload and traced it to infrastructure that was previously connected to the group.
A likely operational security failure also revealed that one of the IP addresses associated with the North Korean operations was located in the city of Jiaxing in China, approximately 100 km from Shanghai.
“The usual pattern in their main operations is the use of relatively incompetent methods, often starting with the theft of identity, to strengthen themselves in the systems of their target,” BitMEX wrote.
In examining other attacks, it was observed that North Korea's hacking efforts were probably divided into multiple subgroups with different levels of technical sophistication.
“This can be noticed through many documented examples of bad practices coming from these ‘frontline’ groups that perform social engineering attacks compared to the more sophisticated post-exploitation techniques applied in some of these known hacks,” it said.
Lazarus Group is an umbrella term used by cybersecurity companies and Western intelligence agencies to describe several hacking teams operating under the direction of North Korea’s regime.
In 2024, North Korean actors stole $1.34 billion in cryptocurrency, accounting for 61% of all thefts that year across 47 incidents, a record high and a 102% increase over the 2023 total of $660 million.
Still a threat
However, as Snir Levi, the founder and executive director of Nominis, warns, growing knowledge of the Lazarus Group's tactics does not necessarily make it less of a threat.
“The Lazarus group uses more techniques to steal cryptocurrency,” he told Decrypt. “Based on the complaints we collect from individuals, we can assume that they are trying to deceive people every day.”
The size of some of their hauls was shocking.
In February, hackers drained over $1.4 billion from Bybit, which the group enabled by getting a Safe Wallet employee to run malicious code on their computer.
“Even the Bybit hack started with social engineering,” Levi said.
Other campaigns include Radiant Capital, where a contractor was compromised by a malicious PDF file that installed a backdoor.
The attack methods range from basic identity-theft lures and fake job offers to advanced post-access tactics such as smart contract tampering and manipulation of cloud infrastructure.
BitMEX's discovery adds to the growing body of evidence documenting the Lazarus Group's multi-layered strategy. It follows another report in May from Kraken, in which the company described a North Korean attempt to get a job.
US and international officials have said that North Korea uses cryptocurrency theft to finance its weapons programs, with some reports estimating that it supplies up to half the budget for the regime's missile development.
Edited by Sebastian Sinclair