BitMEX Blocks Lazarus Phishing Attempt, Calls Tactics ‘Unsophisticated’
The post BitMEX Blocks Lazarus Phishing Attempt, Calls Tactics ‘Unsophisticated’ appeared on BitcoinEthereumNews.com.

BitMEX said it has thwarted an attempted phishing attack by the Lazarus Group, describing the attempt as using “unsophisticated” phishing methods by the notorious North Korea-linked group.

In a blog post published on May 30, the crypto exchange detailed how an employee was approached via LinkedIn under the guise of a Web3 NFT collaboration. The attacker tried to lure the target into running a GitHub project containing malicious code on their computer, a tactic the firm says has become a hallmark of Lazarus’ operations.

“The interaction is pretty much known if you are familiar with Lazarus’ tactics,” BitMEX wrote, adding that the security team quickly identified the obfuscated JavaScript payload and traced it to infrastructure previously linked to the group.

A likely failure in operational security also revealed that one of the IP addresses linked to North Korean operations was located in the city of Jiaxing, China, approximately 100 km from Shanghai.

“A common pattern in their major operations is the use of relatively unsophisticated methods, often starting with phishing, to gain a foothold in their target’s systems,” BitMEX wrote.

Examining other attacks, it was noted that North Korea’s hacking efforts were likely divided into multiple subgroups with varying levels of technical sophistication.

“This can be observed through the many documented examples of bad practices coming from these ‘frontline’ groups that execute social engineering attacks when compared to the more sophisticated post-exploitation techniques applied in some of these known hacks,” it said.

The Lazarus Group is an umbrella term used by cybersecurity firms and Western intelligence agencies to describe several hacker teams operating under the direction of the North Korean regime.

In 2024, Chainalysis attributed $1.34 billion in stolen crypto to North Korean actors, accounting for 61% of all thefts that year across 47 incidents, a record high and a…







