Despite the increase in security regarding cryptocurrency-related businesses, it would seem that a lot of crypto exchanges still contain serious vulnerabilities. Unfortunately, hackers seem to be aware of these security flaws, and many have attempted to explore exchanges for massive gains.
Even so, one group stands out as possibly the largest threat to crypto exchanges, and that is the North Korean hacking group called Lazarus .
According to a recent article posted by The Next Web , a cybersecurity company called Group-IB claims that Lazarus may easily be the most aggressive hacking group today. Their report claims that Lazarus is responsible for at least 14 hacks on exchanges since January 2017. The Group’s efforts have resulted in a theft of around $571 million in cryptocurrencies. The report also indicates that over $882 million in crypto was stolen since January 2018.
According to South Korea’s National Intelligence Service, hacks and phishing scams have been responsible for tens of billions of won being stolen from exchanges’ customers. While still unconfirmed, many believe that the same hackers were also responsible for Coincheck hack, which resulted in a theft of over $500 million.
Furthermore, Group-IB suspects that the number of attacks on exchanges will only increase. Instead of targeting well-secured banks and financial institutions, hackers have found that attacking exchanges is much easier, and often more profitable. Additionally, the report considered what methods were used for performing these attacks. The conclusion is that social engineering, spear phishing, and malware are used most commonly.
While exchanges are still the most likely targets, the report also points out that around 10% of all funds raised by ICOs since the start of 2017 was stolen. In these cases, phishing is the most popular method. According to the firm, investors are often in a rush to participate in new projects’ token sales, which is why they often disregard security and end up being tricked on fake websites.
Not only that, but wallets and mining pools can also prove to be tempting targets, as hackers can employ 51% attacks and take over entire networks.
As mentioned previously, the Lazarus Group seems to be among the most aggressive bad actors. Through the recent years, they have grown to be a serious threat. Even more so since they are notoriously elusive, with security researchers not even knowing the approximate number of its members.
The group has been around for almost a decade now, with some attacks reaching as far back as to 2009. During that time, they were responsible for some high-profile bank attacks, such as Bangladesh bank robbery of 2016. On that occasion, the group made off with more than $80 million.
In recent years, Lazarus has become more focused on cryptocurrencies. One of their recent campaigns included a malware called AppleJesus, which targeted Mac users. After the US attempted to isolate North Korea from the global financial system due to their nuclear program, Lazarus focused even more on cryptos. The most likely reason for this is simply the fact that cryptocurrencies are an easy target, since they are mostly unregulated, and are not controlled by banks or governments.