Lazarus Group Sends 400 ETH to Tornado Cash, Deploys New Malware
The Lazarus Group, a North Korean-affiliated hacking collective, has been detected laundering 400 ETH, valued at approximately $750,000, through the Tornado Cash mixing service. This activity comes in the wake of several high-profile hacks, including a recent incident on February 21 in which $1.4 billion in crypto assets was stolen, and a $29 million theft in January.

In addition to the laundering activity, researchers from cybersecurity firm Socket have identified six new malicious software packages linked to Lazarus Group that specifically target developers in the Node Package Manager (NPM) ecosystem. These packages use typosquatting to deceive developers into installing malware that can steal credentials and cryptocurrency data. While attributing this attack to Lazarus is challenging, the methods used are consistent with the group’s known operations. Warnings from security firms highlight the ongoing threat posed by this hacking collective, particularly to developers managing crypto-related software.