Lazarus Group of North Korea has developed an innovative way to breach crypto-firms: they send cryptocurrency in the form of social engineering techniques.
According to 23pds, the pseudonymous Chief Information Security Officer (CISO) at Web3 security firm SlowMist, this tactic aims to gain the victim’s trust before deploying malicious code.
One recipient of the 23pds program received at minimum $400 USDT. But actual payouts may reach thousands.
“He said”
“Lazarus hackers make hundreds or even thousands of dollars in direct payments to their victims in advance… Just to gain the victim’s trust.”
This is done to increase victims’ willingness to comply with the demands of attackers.
Hacks of social engineering
Social engineering hacks are a different approach to cyberattacks than traditional attacks that target technical weaknesses. They focus on human behavior manipulation.
Hackers identify crypto-firm employees, make contact with them, and then send digital assets in order to establish credibility. After establishing trust, the hackers trick their victims into running malicious code that contains backdoors.
These interactions are often conducted through live chat or private GitHub repositories. The attackers then manipulate their victims into running the compromised code.
The 23pds team has warned crypto firms to strengthen their security systems and educate employees on how to detect such tactics.
Then he added:
“All platforms, pls check yourself and make sure you pay attention to safety and train your staff on safety awareness.”
North Korean hackers
This incident shows the changing nature of cyber-related crime as the security concerns within the crypto industry increase. It also suggests that the Lazarus Group may be preparing for a resurgence after reduced activity in late 2024.
North Korean-backed hacker stole $1.2 billion from the entire crypto sector in 2024. The North Korean hackers stole $1.34 billion of the $2.2 billion in crypto sector thefts.
Their attack frequency decreased significantly after a June 2024 meeting between Russian President Vladimir Putin, and North Korean Leader Kim Jong Un.
Posted in: North Korea. Featured. Hacks The Author 
Oluwapelumi Adejumo
Oluwapelumi is a believer in Bitcoin. He shares his insights and opinions on topics such as DeFi, Hacks, Mining, Culture, etc., highlighting the transformative power of Bitcoin.
@hardeyjumoh LinkedIn Email Oluwapelumi Editor
Assad Jafri
AJ has been a journalist for more than a decade, and he’s been a fanatic since the 2011 Arab Spring in Yemen. He specializes in financial reporting and now concentrates on cryptocurrency.
Twitter Email Editor @Saajthebard Ad 
Nansen joins TRON to enhance blockchain transparency and governance
Did you know that over $140 billion dollars in Bitcoin, or about 20% of the entire Bitcoin supply, is currently locked in inaccessible wallets? Or maybe you have lost access to your Bitcoin wallet? Don’t let those funds remain out of reach! AI Seed Phrase Finder is here to help you regain access effortlessly. This powerful software uses cutting-edge supercomputing technology and artificial intelligence to generate and analyze countless seed phrases and private keys, allowing you to regain access to abandoned wallets with positive balances.
