BitMEX's security researchers found significant operational security failures within the Lazarus Group, a North Korean state-sponsored cybercrime organization. A probe revealed amateur-level lapses, including the accidental disclosure of an IP address that traced back to Jiaxing, China. Additionally, researchers accessed a Supabase database instance used by the group. The report suggests that the Lazarus Group is fragmented into sub-groups with varying skill levels, indicating a mix of low-skill social engineering tactics and advanced hacking methods. This follows a series of high-profile incidents attributed to the group, raising alarm among federal law enforcement agencies from the US, Japan, and South Korea, who are increasingly scrutinizing these hacking activities. In 2024, the FBI issued warnings about the group's phishing attempts targeting cryptocurrency users. Overall, the findings point to vulnerabilities in the group’s operations that may be exploited to counteract their malicious activities.
