Security News > 2021 > May > Researchers Link CryptoCore Attacks On Cryptocurrency Exchanges to North Korea
State-sponsored hackers affiliated with North Korea have been behind a slew of attacks on cryptocurrency exchanges over the past three years, new evidence has revealed.
Attributing the attack with "Medium-high" likelihood to the Lazarus Group, researchers from Israeli cybersecurity firm ClearSky said the campaign, dubbed "CryptoCore," targeted crypto exchanges in Israel, Japan, Europe, and the U.S., resulting in the theft of millions of dollars worth of virtual currencies.
In recent years, Lazarus Group has further expanded its attacks to target the defense and aerospace industries.
CryptoCore, also called CryptoMimic, Dangerous Password, CageyChameleon, and Leery Turtle, is no different from other Lazarus Group operations in that it's primarily focused on the theft of cryptocurrency wallets.
The group is said to have stolen an estimated $200 million, according to a ClearSky report published in June 2020, which linked CryptoCore to five victims located in the U.S., Japan, and the Middle East.
"This group has successfully hacked into numerous companies and organizations around the world for many years," ClearSky researchers said.
News URL
Related news
- US 'laptop farm' man accused of outsourcing his IT jobs to North Korea to fund weapons programs (source)
- Microsoft Patches Zero-Day Flaw Exploited by North Korea’s Lazarus Group (source)
- Researchers Uncover TLS Bootstrap Attack on Azure Kubernetes Clusters (source)
- Binance Warns of Rising Clipper Malware Attacks Targeting Cryptocurrency Users (source)