A North Korean hacking group called Lazarus has stolen cryptocurrencies worth more than half a billion this year.
According to The Next Web that cited findings from the annual report of cybersecurity vendor Group-IB late on Friday, Lazarus was behind 14 hacking attacks on cryptocurrency exchanges since January 2017 — stealing $571 million.
Lazarus is a hacking group which has been linked to a string of attacks against everything from banks to government agencies across the world.
Hackers targeted cryptocurrency exchanges with spear phishing, social engineering and malware.
“Spear phishing remains the major vector of attack on corporate networks. For instance, fraudsters deliver malware under the cover of CV spam [with an attachment] that has a malware embedded in the document,” the findings showed.
Group-IB expects the number of targeted attacks on cryptocurrency exchanges to rise, and not just the ones from Lazarus.
Nearly 10 per cent of the total funds raised by Initial Coin Offering (ICO) platforms over the past year and a half have been stolen.
According to the report, large phishing groups are capable of stealing $1 million a month.
Fraudsters are even building fake websites using stolen cryptocurrency project descriptions and plagiarized white papers.
“Fraudulent phishing-schemes involving crypto-brands will only get more complex as well as cybercriminals’ level of preparation for phishing attacks,” the group warned.
Security researchers have earlier claimed that North Korea-based advanced persistent threat (APT) groups are increasingly attacking financial institutions and Bitcoin exchanges.