The notorious North Korean hackers known as the Lazarus Group continue to move the crypto funds they've stolen in recent exploits. And now, alleged North Korean hackers are targeting crypto execs via Zoom.
Blockchain security firm CertiK posted on 13 March that this group had deposited 400 ETH to the popular Tornado Cash mixing service. This amount is currently worth $759,444.
And there is no sign of the group stopping their activities. “Stay vigilant,” the post warns.
Lazarus is the infamous group of hackers connected to some of crypto's most high-profile attacks. These include the Ronin network hack, which saw the loss of $624 million in 2022.
And just recently, in February, the group stole $1.4 billion in crypto from the Bybit exchange hack.
The crypto space has been carefully observing the movement of all these funds, given that the attackers aim to launder them all.
Worryingly, cybersecurity experts have warned that Lazarus has been deploying novel, sophisticated, and constantly evolving crypto-stealing malware aimed at crypto developers.
More specifically, for months now, North Korea has been targeting developers via NPM supply chain attacks. The goal is to steal funds and data.
Additionally, the malware seeks to infiltrate popular cryptocurrency wallets. Various reports have named MetaMask, Exodus, and Atomic as popular targets.
North Korean Hackers Target Crypto Founders via Zoom
Recently, there has been a different kind of threat looming, targeting crypto company founders.
Hackers are working to steal data and funds through a fake Zoom call. They typically set up a business meeting and, once on the call, pretend they're experiencing issues.
They post “a stock video of a bored” venture capitalist on the screen and ask the target to click a link they sent to a fake new call. But it's malware.
All this is according to Nick Bax of the Security Alliance. He said the threat group stole “$10s of millions of dollars” using this tactic, and others are copying it.
Meanwhile, the hackers are currently presumed to be North Korean, but this is unverified.
Groups linked to North Korea “have become notorious for their sophisticated and relentless tradecraft,” according to a Chainalysis report. In 2024, they stole $1.34 billion across 47 incidents – 61% of the total amount stolen for the year, and 20% of total incidents.
That said, Giulio Xiloyannis, the CEO of Pixelmon and cofounder of MON Protocol, shared his own recent experience. He also received a Zoom link designed to get people to install malware.
Luckily, Xiloyannis noticed red flags, and the hackers failed. “There were tellsigns,” he said. “Opens browser Zoom without asking to use the App, asking me to paste code on my “terminal”.”
Moreover, Melbin Thomas, founder of Devdock AI, David Zhang, cofounder of Stably, Christoph Mussenbrock, cofounder of blockchain platform Etherisc, and several other people reported similar attempted hacks.
This is unlikely to stop. Chainalysis noted that North Korean hackers employ advanced malware, social engineering, and cryptocurrency theft to fund state-sponsored operations and circumvent international sanctions.
Additionally, Tom Robinson, co-founder of crypto investigation firm Elliptic, warned that North Korea is the most advanced player when it comes to laundering stolen digital assets.