North Korean-affiliated hacking collective the Lazarus Group has been moving crypto assets using mixers following a string of high-profile hacks.
On March 13, blockchain security firm CertiK alerted its X followers that it had detected a deposit of 400 Ether (ETH) worth around $750,000 to the Tornado Cash mixing service.
“The fund traces to the Lazarus group’s activity on the Bitcoin network,” it noted.
The North Korean hacking group was responsible for the large Bybit exchange hack that resulted in the theft of $1.4 billion worth of crypto assets on Feb. 21.
It has also been linked to the $29 million Phemex exchange hack in January and has been laundering assets ever since.
Lazarus Group crypto asset movements. Source: CertiK
Lazarus has also been linked to some of the most notorious crypto hacking incidents, including the $600 million Ronin network hack in 2022.
North Korean hackers stole over $1.3 billion worth of crypto assets in 47 incidents in 2024, more than doubling thefts in 2023, according to Chainalysis data.
New Lazarus malware detected
According to researchers at cybersecurity firm Socket, Lazarus Group has deployed six new malicious packages to infiltrate developer environments, steal credentials, extract cryptocurrency data and install backdoors.
It has targeted the Node Package Manager (NPM) ecosystem, which is a large collection of JavaScript packages and libraries.
Researchers found malware called “BeaverTail” embedded in packages that mimic legitimate libraries using typosquatting tactics, or methods used to deceive developers.
“Across these packages, Lazarus uses names that closely mimic legitimate and widely trusted libraries,” they added.
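A defender can screen a project's manifest for this kind of name mimicry before installing. The following is an added example, not code from Socket or from the article: it flags dependencies whose names sit within one edit of a well-known package. The allowlist, the function names and the sample manifest are all constructed for illustration and say nothing about any real package.

```javascript
// Added example: flag dependency names that are near-misses of well-known packages.
// POPULAR is a small constructed allowlist; a real check would load a larger list.
const POPULAR = ["express", "lodash", "react", "axios", "chalk", "dotenv"];

// Levenshtein edit distance, computed with a single rolling row.
function editDistance(a, b) {
  const prev = Array.from({ length: b.length + 1 }, (_, j) => j);
  for (let i = 1; i <= a.length; i++) {
    let diag = prev[0]; // D[i-1][j-1]
    prev[0] = i;
    for (let j = 1; j <= b.length; j++) {
      const tmp = prev[j];
      prev[j] = Math.min(prev[j] + 1, prev[j - 1] + 1, diag + (a[i - 1] === b[j - 1] ? 0 : 1));
      diag = tmp;
    }
  }
  return prev[b.length];
}

// Case and separator changes ("lo-dash", "Lodash") are common disguises, so drop them.
const normalize = (name) => name.toLowerCase().replace(/[-_.]/g, "");

// Returns [{ name, resembles, distance }] for dependencies that are not on the
// allowlist but sit within maxDistance edits of an allowlisted name.
function findLookalikes(pkgJson, maxDistance = 1) {
  const deps = Object.keys({ ...pkgJson.dependencies, ...pkgJson.devDependencies });
  const findings = [];
  for (const name of deps) {
    if (POPULAR.includes(name)) continue; // exact allowlisted name
    for (const known of POPULAR) {
      const distance = editDistance(normalize(name), normalize(known));
      if (distance <= maxDistance) {
        findings.push({ name, resembles: known, distance });
        break;
      }
    }
  }
  return findings;
}

// Constructed manifest: "expres" and "lo-dash" are made-up lookalike entries.
const sampleManifest = {
  dependencies: { express: "^4.18.0", expres: "^1.0.0", "lo-dash": "^1.0.0" },
  devDependencies: { chalk: "^5.0.0", mocha: "^10.0.0" },
};
console.log(findLookalikes(sampleManifest));
```

A hit is a prompt for manual review of the package's publisher, age and install scripts, not proof of malice; short names produce false positives at larger distances.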
The malware also targets cryptocurrency wallets, specifically Solana and Exodus wallets, they added.
Code snippet showing Solana wallet attacks. Source: Socket
The attack targets data in Google Chrome, Brave and Firefox browsers, as well as keychain data on macOS, specifically targeting developers who might unknowingly install the malicious packages.
The researchers noted that attributing this attack definitively to Lazarus remains challenging; however, “the tactics, techniques, and procedures observed in this npm attack closely align with Lazarus’s known operations.”