BitMEX has successfully thwarted a phishing attempt attributed to the Lazarus Group, a notorious hacking outfit linked to North Korea. In a blog post from May 30, BitMEX disclosed that an employee was targeted on LinkedIn by a hacker posing as part of a Web3 NFT collaboration. The phishing tactic involved luring the employee into executing a malicious GitHub project, a method typically used by Lazarus. BitMEX's security team rapidly identified the obfuscated JavaScript code associated with past Lazarus activities. BitMEX noted that, despite the group's history of sophisticated breaches such as the $1.4 billion hack of Bybit, Lazarus often employs basic phishing techniques as part of its operations. The attack exemplifies common behavioral patterns within the group, marked by poor operational security and unsophisticated initial engagement methods. In 2024, it was reported that North Korean hacking efforts resulted in $1.34 billion worth of crypto theft, emphasizing the persistent threat posed by such groups in the cryptocurrency landscape.
