Security News > 2021 > May > North Korean hackers behind CryptoCore multi-million dollar heists
Security researchers piecing together evidence from multiple attacks on cryptocurrency exchanges, attributed to a threat actor they named CryptoCore have established a strong connection to the North Korean state-sponsored group Lazarus.
Last year, cybersecurity company ClearSky published a report about the financially motivated CryptoCore campaign that targeted cryptocurrency wallets belonging to exchanges or their employees.
At the time of the report, CryptoCore was responsible for at least five attacks causing estimated losses of more than $200 million.
The paper showed an analysis of the malware used in the attack and outlined similarities between them and malware attributed to LAZARUS. A report from Japan's CERT JPCERT/CC, which shared an analysis of several incidents where employees of Japanese firms were contacted and convinced to download malicious files.
A report from the Japanese cybersecurity firm NTT SECURITY, which points to a campaign that they dubbed CRYPTOMIMIC. According to the report, large sums of money were stolen from crypto wallets by contacting users and convincing them to download malicious files.
Given all the similarities across these researchers allowed ClearSky to attribute with medium to high confidence all the CryptoCore campaigns to the North Korean hacking group Lazarus.
News URL
Related news
- Radiant links $50 million crypto heist to North Korean hackers (source)
- North Korean govt hackers linked to Play ransomware attack (source)
- North Korean hackers pave the way for Play ransomware (source)
- North Korean hackers employ new tactics to compromise crypto-related businesses (source)
- North Korean Hackers Target Crypto Firms with Hidden Risk Malware on macOS (source)
- North Korean hackers use new macOS malware against crypto firms (source)
- North Korean Hackers Target macOS Using Flutter-Embedded Malware (source)
- North Korean hackers create Flutter apps to bypass macOS security (source)
- Bitfinex hacker gets 5 years in prison for 120,000 bitcoin heist (source)
- North Korean Hackers Steal $10M with AI-Driven Scams and Malware on LinkedIn (source)