
S. Korea Successfully Foils Cyber Attack by US-Sanctioned Lazarus Group: Report


According to the South Korean police, Lazarus Group attempted to hack more than 200 computers belonging to 61 South Korean institutions last year through the so-called “watering hole” attack. However, the cybercrime organization did not cause any damage as the South Korean police managed to identify Lazarus’s activity and block the attempts.

Lazarus Attacked Over 200 Computers Belonging to 61 S. Korean Institutions

Lazarus, one of the most prominent crypto cybercrime groups based in North Korea, launched cyber attacks on hundreds of computers belonging to 61 institutions from South Korea in 2022, according to Yonhap News, citing a police report. The National Police Agency (NPA) said that since June 2022, Lazarus hacked 207 computers belonging to these institutions, including eight media companies.

The computers were compromised through a “watering hole” attack that targeted security software installed on them. According to the NPA, to prepare for the hack, Lazarus first attacked a South Korean firm that distributes security software typically used for installing security plug-ins for online banking and financial services. This software is estimated to be installed on more than 10 million computers in South Korea.

The NPA also said that Lazarus had a predetermined plan in 2021 to infiltrate INISAFE – the firm that develops security software. The well-known hacking group reportedly studied the software’s flaws in recent years to build malware, but the police managed to spot the group’s activity on South Korean networks and cooperated with other agencies to preemptively block Lazarus’s further access. The NPA said that the attempts caused no actual damage.

What is the Lazarus Group?

Lazarus Group is a cybercrime organization believed to be run by the North Korean government. It is best known for stealing a whopping $620 million from a non-fungible token (NFT) game, Axie Infinity, in the biggest-ever crypto hack.

Reports from last year revealed that funds stolen in the Axie Infinity hack were moved through Tornado Cash, one of the most popular crypto mixers. Tornado was sanctioned by the US Treasury Department in August 2022 after becoming one of crypto hackers’ favorite toys.

Lazarus has been accused of numerous other major cyber-attacks recently, including the WannaCry 2.0 ransomware attack in 2017, the Bangladesh bank heist in 2016, and the Sony Pictures Entertainment hack in 2014. In 2020, the group stole $275 million from the crypto exchange KuCoin. The group snatched more than $400 million worth of crypto funds in 2021 alone.

This article originally appeared on The Tokenist
