Tag: Lazarus

  • Stolen Crypto Funneled Through Tornado Cash by Lazarus Group

    Recent research from the blockchain analytics firm Elliptic reveals that the North Korean hacker group Lazarus has resumed using the Tornado Cash service to launder stolen funds. A total of $23 million, pilfered during an attack on the cryptocurrency exchange HTX in November, was recently laundered through this service. Tornado Cash, a cryptocurrency mixing service,…

  • North Korean Hackers Bypass Security with Zero-Day

    North Korean hackers from the Lazarus group exploited a vulnerability in the Windows AppLocker driver to gain kernel-level access and disable security measures, avoiding detection. Avast analysts identified and reported the hackers’ activities to Microsoft, leading to the mitigation of a Windows kernel vulnerability, designated CVE-2024-21338 (with a CVSS score of 7.8) related to privilege…

  • Lazarus Group Targets Python Developers with Malicious Packages

    The North Korea-supported hacker group Lazarus has uploaded four malicious packages to the Python Package Index (PyPI) repository, aiming to infect developers’ systems with malware. The implicated packages—“pycryptoenv,” “pycryptoconf,” “quasarlib,” and “swapmempool”—have been removed from the platform, but not before accumulating 3,269 downloads, with “pycryptoconf” leading in popularity at 1,351 downloads. Shusei Tomonaga, a…

  • Lazarus Evades Sanctions, Uses YoMix to Launder Stolen Funds

    The North Korean hacker group Lazarus, notorious for its numerous significant cryptocurrency thefts, has shifted to utilizing the Bitcoin mixer YoMix for laundering stolen funds. This development was reported by the analytics firm Chainalysis, noting that the group adapted its money laundering tactics following sanctions imposed by certain countries on various Bitcoin mixing services previously…

  • CoinsPaid Hit by Second Major Cyberattack in Six Months: $7.5 Million Compromised

    The cryptocurrency payment gateway CoinsPaid has encountered its second cyberattack in the last six months. According to the Web3 security firm Cyvers, unauthorized transactions amounting to approximately 7.5 million dollars were detected. On January 6th, Cyvers’ artificial intelligence system identified a series of suspicious activities involving the withdrawal of digital assets totaling 6.1 million dollars,…

  • Hackers Target Developer of Britain’s Underground Nuclear Facility

    The British corporation Radioactive Waste Management (RWM), responsible for handling the nation’s radioactive waste, faced an attempted cyberattack through the professional networking platform LinkedIn. Although unsuccessful, this attempt has stirred concerns in the nuclear industry, raising questions about the security of vital nuclear infrastructure. The Guardian reports that the cyberattack was orchestrated via LinkedIn. However,…

  • Supply Chain Attack: CyberLink Breached by North Korean Hackers

    North Korean hackers infiltrated Taiwanese company CyberLink, a renowned multimedia software producer. The malefactors embedded malicious code into one of CyberLink’s installers distributed through official update channels. This breach led to the infection of over 100 computers globally, including in the USA, Canada, and Japan. According to Microsoft, the attack was orchestrated by the Lazarus…