North Korean leader Kim Jong-un (KCNA-Yonhap)
A cybercriminal syndicate believed to be linked to the North Korean government breached the Singapore-based DragonEx exchange and stole $7 million worth of cryptocurrencies in March 2019, Radio Free Asia reported Wednesday.
Hackers of Lazarus Group withdrew various cryptocurrencies, including Bitcoin, Ripple and Litecoin, RFA said, citing the latest findings released by US-based blockchain firm Chainalysis.
The group created a fake company claiming to offer an automated cryptocurrency trading bot, complete with a fabricated website and employees, and approached key figures at DragonEx.
DragonEx employees downloaded a free trial of the trading bot software Lazarus pitched, giving the hackers access to their computers. The hackers made off with millions.
Chainalysis said the Lazarus tactics demonstrate another level of sophistication because they go beyond conventional “email or small-scale website” phishing attempts.
Lazarus’ hacks into DragonEx reveal “deep knowledge of the cryptocurrency ecosystem necessary to successfully impersonate legitimate participants,” Chainalysis said.
The blockchain firm said Lazarus is different from other hacking groups in that its motivations are primarily financial rather than chaos itself. The firm referred to US Treasury reports in September 2019 that said Pyongyang uses funds from exchange hacks for its weapons program.
At the time, the US Treasury announced it was sanctioning Lazarus and its two subgroups Bluenoroff and Andariel that perpetrate “cyber attacks to support illicit weapon and missile programs.”
By Choi Si-young (email@example.com