HackRead
  • January 24th, 2021

Lazarus group conducting malware attacks to steal Bitcoins

December 17th, 2017 Waqas Cyber Crime, Phishing Scam, Scams and Fraud 0 comments

Bitcoin’s price set a new record on Saturday when it reached USD 19,000 apiece, and it looks like North Korea is trying to take full advantage of it. According to security researchers at SecureWorks, the infamous Lazarus group, known for its links with the North Korean government, has been busy targeting cryptocurrency platforms with a spearphishing campaign.

Lazarus was previously in the news for targeting banking giants around the globe. Its latest attacks target officials working at cryptocurrency firms: the hackers send an email containing a Word file as an attachment. The email tells the victim that in order to view the file they need to enable editing. Once that is done, the document installs a malicious macro on the device, which in turn loads a Trojan that lets attackers take control of the computer.

Lazarus group conducting spearphishing campaign to steal Bitcoins

Example document asking a user to enable editing.

In a conversation with ZDNet, Rafe Pilling of SecureWorks said the Lazarus group is sending deceptive emails to officials claiming that a European-based cryptocurrency firm is hiring for the position of Chief Financial Officer (CFO). While they are busy reading the document, the trojan steals their credentials and downloads additional malware.

SecureWorks researchers believe the campaign has been targeting unsuspecting users since 2016; however, in November this year there has been an increase in these attacks. The company believes that the campaign is still actively targeting officials.

This is not the first time North Korean state-sponsored hackers have been blamed for a sophisticated campaign against the cryptocurrency industry. In September this year, South Korea blamed its neighbor after dozens of email accounts belonging to employees of four major bitcoin exchanges in South Korea were hit by phishing attacks.

In July 2017, hackers stole billions of South Korean won by hacking Bithumb, the 4th largest Bitcoin exchange. In the attack, hackers used a voice phishing technique to target Bithumb officials. However, the culprit behind the attack could not be identified.

Successful data breaches against cryptocurrency platforms

Bithumb breach: In July, Bithumb, one of the largest Bitcoin and Ether exchange platforms, suffered a breach resulting in the theft of billions of South Korean won.

CoinDash breach: Again in July, CoinDash (ICO), an Israeli cryptocurrency social trading start-up, announced that its crowdfunding page was compromised during its Token Sale event earlier today. As a result, hackers stole Ethereum worth $7 million.

Veritaseum breach: Again in July 2017, Veritaseum, another cryptocurrency platform, announced that its Initial Coin Offering (ICO) suffered a data breach in which around US$8.4 million worth of Ethereum was stolen.

Parity Technologies breach: On July 20, 2017, an unknown hacker stole $32 million in Ethereum from 3 multisig wallets by exploiting a critical security flaw in the company's multi-signature wallet software.

Enigma Marketplace breach: In August this year, Enigma, a decentralized marketplace and cryptocurrency investment platform, suffered a data breach in which hackers stole $500,000 in Ethereum. The hack took place when the firm was about to start its crypto token sale.

Tether hack: On November 19th, Tether, a start-up firm known for offering dollar-backed cryptocurrency, suffered a data breach in which a whopping $30 million worth of tokens was stolen.

NiceHash hack: On December 7, 2017, cryptocurrency mining market NiceHash was hacked, and cybercriminals stole more than $70 million from the company’s wallet.
