North Korea's infamous hacking group, dubbed Lazarus, has managed to steal over half a billion dollars in cryptocurrencies, a report indicates.
According to an article published Friday by The Next Web, the coming annual report from cybersecurity vendor Group-IB sets out that Lazarus was behind 14 hacks on crypto exchanges since January 2017, reaping a massive $571 million from the attacks.
The news backs up claims from officials in South Korea, who said in February that North Korean hackers likely stole tens of millions of dollars' worth in cryptocurrencies in 2017.
As reported by CoinDesk, the country's National Intelligence Service said that phishing scams and other criminal methods methods had yielded tens of billions of won in customer funds. Authorities were also probing whether the same hackers were behind the January hack of the Coincheck exchange, which saw over $500 million in cryptocurrency taken – though Lazarus wasn't specifically mentioned.
More generally, Group-IB also indicates that $882 million in cryptocurrency has been stolen from exchanges in total from 2017 to 2018, according to a summary of the report obtained by the tech news source, .
The security provider said the number of attacks targeting crypto exchanges is likely to rise further, with hackers of more traditional financial institutions such as banks being drawn to the space seeking big gains.
The summary also looks at the methods used by hackers in order to carry out their attacks, saying spear phishing, social engineering and malware are the most widespread tools of the illicit trade.
TNW cited the report as saying that spear phishing – targeting individuals or organizations with malware delivered via an email attachment – is the "major vector of attack" on enterprise networks. It adds:
"After the local network is successfully compromised, the hackers browse the local network to find work stations and servers used working with private cryptocurrency wallets."
Furthermore, says Group-IB, hackers have made off with 10 percent of the funds raised by ICO platforms since early 2017, with phishing the most common means of attack.
Group-IB reportedly says that over-keen investors have been rushing to participate in token sales without paying sufficient attention to their security, often falling foul of tricks such as fake websites. For example, one such fake targeted would-be investors in the major ICO launched by Telegram, as reported in March.
Group-IB further warns that mining pools could prove a tempting target for hackers, saying bad actors could employ 51 percent attacks to take over networks, as has happened at a number of crypto projects this year.
Hacking image via Shutterstock
The leader in blockchain news, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups.
IBM Says Blockchain Can Power 'Open Scientific Research' in New Patent Filing
A patent application published Thursday claims the process of conducting scientific research can benefit from the blockchain.
Led by a team at IBM's Watson Research Center, the patent application p
CFTC Fines Bitcoin Trader $1.1 Million for Crypto Fraud
The U.S. Commodity Futures Trading Commission (CFTC) has jailed a bitcoin trader and fined him over $1 million for running a fraudulent bitcoin and litecoin scheme.
According to a press release iss
Japanese Firms Claim Success in Marine Insurance Blockchain Trial
One of Japan's largest insurance companies, Tokio Marine & Nichido Fire Insurance, and IT firm NTT DATA have completed a trial that put the paperwork for marine cargo insurance claims on a blockchain.
Accenture Puts Software License Management on a Blockchain Platform
Global professional services giant Accenture has rolled out a new software license management application built with tech from distributed ledger startup Digital Asset.
Accenture announced in a pre
Singapore's Central Bank, SGX Develop Blockchain Settlement System
The Monetary Authority of Singapore (MAS) and the country's stock exchange, Singapore Exchange (SGX), have developed a settlement system for tokenized assets that can work across different blockchains
Colorado Regulators Crack Down on Four More ICOs
Colorado regulators took action against four ICOs Thursday, bringing the state's total number of cease-and-desist orders against crypto startups to 12.
The state's "ICO Task Force" rebuked Bitcoin
Ethereum Sets Tentative January Goal for Next Blockchain Upgrade
Developers are eyeing January 16th as the date on which Constantinople, ethereum's upcoming network hard fork, could launch.
The upgrade for the world's second-largest blockchain was originally tar
For Bitfinex Users, Dollar Withdrawals Are Now a Weeks-Long Struggle
Three weeks after being assured that everything was running smoothly, some customers of cryptocurrency exchange Bitfinex are wondering why they still can't withdraw their money.
On Oct. 15, the cry