North Korean hackers, Lazarus Group, tied to the Atomic Wallet breach

TL;DR Breakdown

  • Elliptic and its investigative arm say that users of Atomic Wallet have fallen victim to Lazarus, the notorious North Korean cybercrime group.
  • So far, $35 million has been stolen in bitcoin, ether, tether, dogecoin, litecoin, BNB coin, polygon, and Tron-based USDT.
  • The stolen assets are being laundered using specific services, such as the Sinbad mixer, which has also been used to launder the proceeds of Lazarus Group hacks in the past.

Elliptic, a blockchain intelligence firm, said in a blog post on Tuesday that users of Atomic Wallet may have fallen victim to Lazarus, the notorious North Korean cybercrime group. Reportedly, illegal funds from the $35 million Atomic Wallet hack have been transferred to a crypto aggregator that is favored by North Korea’s most notorious cyber-hacking group.

The Lazarus Group financial terror hits the crypto industry hard

Lazarus Group is a North Korean cybercrime organization known for its cyber exploits, and it has been blamed for a number of attacks since 2010. The entity is thought to be funded by the North Korean government and consists of an unknown number of hackers. It has launched an increasing number of attacks through its various subgroups, including Stonefly, Andariel, and BlueNoroff.

Since 2017, when it attacked South Korean crypto investors with Bitcoin and Monero holdings, the criminal group has terrorized the crypto community by using autonomous means of distributing new sorts of computer viruses that expose flaws in well-known software systems. Previously, Lazarus Group was notorious for conducting cyber espionage campaigns against South Korean government entities through distributed denial-of-service assaults.

Lazarus Group has also used the SWIFT network to undertake assaults on global organizations such as Sony and banking institutions, as well as a large-scale ransomware attack that affected thousands of machines in countries such as Russia, India, Taiwan, and Ukraine. During the COVID-19 pandemic in late 2020, the criminal group used spear-phishing techniques to get into computers and stole proprietary COVID-19 research.

The group began 2022 with a $600 million heist on Ronin, the blockchain protocol associated with the renowned crypto game Axie Infinity. Lazarus Group has been linked to a new type of crypto hacking, promoting fake crypto applications under the brand BloxHolder to spread the AppleJeus malware and steal crypto funds. The group is responsible for more than 25 notable attacks. 

Atomic Wallet suffers loss under cyber criminals

The team behind Atomic Wallet, a non-custodial crypto wallet, announced early Saturday morning that some users had their wallets compromised and funds stolen. The number of incidents reportedly did not exceed 1% of “monthly active users.” The announcement followed many complaints on Reddit from users whose wallets had been emptied.

ZachXBT, a pseudonymous blockchain detective, estimated that approximately $35 million worth of crypto had been stolen, including bitcoin, ether, tether, dogecoin, litecoin, BNB coin, polygon, and Tron-based USDT.

Elliptic wrote that the stolen crypto was transferred to a mixer called Sinbad.io. Elliptic believes this mixer is a successor to the previously sanctioned mixer Blender.io; it has frequently been used to launder money from other hacks attributed to Lazarus, and Elliptic noted that the utilization pattern is identical. According to the blog post, the company also discovered connections between the wallets containing the stolen funds from Atomic and some of the Lazarus breaches.

Non-custodial wallets, such as Atomic, allow users to hold their crypto themselves, without relying on a centralized entity. This means that if users lose the device holding the wallet or its password, they can only recover funds using the seed phrase. Anyone with access to the seed phrase, on the other hand, can clone the wallet and steal the funds.

Three hours ago, Elliptic Investigations posted an update that funds from the Atomic Wallet hack had just been swapped for USDT and bridged to TRON.

It’s probable that the stolen crypto assets were mixed in wallets containing the proceeds of previous Lazarus Group attacks. This would be the first large crypto theft openly traced to Lazarus Group since the $100 million Horizon Bridge breach in June 2022. 

Disclaimer. The information provided is not trading advice. Cryptopolitan.com holds no liability for any investments made based on the information provided on this page. We strongly recommend independent research and/or consultation with a qualified professional before making any investment decision.
