Connect with us

Hi, what are you looking for?


Lazarus Group Targeting LinkedIn Users As Part Of North Korea Crypto Hacking Scheme

North Korea’s state-sponsored hacking collective Lazarus group is reportedly targeting LinkedIn users in the digital asset industry as part of its latest crypto hacking malware attempt, blockchain security firm SlowMist alleged on April 24.

“The Lazarus Group is currently contacting cryptocurrency industry targets through LinkedIn and stealing employee privileges or assets through malware,” SlowMist posted to its X account.

North Korean Crypto Hacking Group Targeting LinkedIn Users

The blockchain security company alleged that Lazarus Group members were creating fake profiles on the networking site, reaching out to human resources personnel, and hiring managers in various blockchain-related organizations.

#Lazarus #APT The Lazarus group appears to be currently reaching out to targets via LinkedIn and steal employee privileges or assets through malware. #Lazarus #APT Lazarus 组织目前正通过 LinkedIn 联系加密货币行业的目标,并通过恶意软件窃取员工权限或资产。

— 23pds (@im23pds) April 24, 2024

From there, the North Korean hackers send a link with code in an attempt to show off their coding abilities. In reality, the cryptography contains dangerous malware to exploit the victim’s personal data.

“Initial declarations and dependency loading scripts throw errors immediately when they start, probably to confuse analyzers or automated tools,” SlowMist stated. “Several Node.js modules are imported, and environment variables and function definitions define the operating system’s hostname, platform type, home directory, and temporary directories.

A periodic function, aptly named “stealEverything,” then “attempts to steal as much data as possible from the user’s device and upload it to a server controlled by the attacker.”

Lazarus Group’s Ties To North Korea’s WMD Program

A report from a U.N. panel of experts published last month revealed that an estimated 40% of North Korea’s weapons of mass destruction (WMD) were funded through “illicit cyber means.”

Lazarus Group has stolen over $3 billion worth of digital assets globally to date.

A recent blockchain intelligence firm TRM Labs report found that the authoritarian country stole over $600 million in 2023 alone.

Security officials from the U.S. and its allies believe the country’s state-sponsored malware initiatives may threaten national security.

In December, U.S. advisor of National Security, Jake Sullivan, held a meeting with diplomatic counterparts from South Korea and Japan in which they discussed North Korea’s WMD program.

Last year, the U.S. sanctioned crypto mixer Sinbad, a “key money-laundering tool” for the regime’s digital asset exploitation efforts.

“The Treasury Department and its U.S. government partners stand ready to deploy all tools at their disposal to prevent virtual currency mixers, like Sinbad, from facilitating illicit activities,” Deputy Secretary of the Treasury Wally Adeyemo said following the enforcement action. “While we encourage responsible innovation in the digital asset ecosystem, we will not hesitate to take action against illicit actors.”

It’s unclear whether the Lazarus Group will face any political repercussions over its latest crypto malware scheme.

The post Lazarus Group Targeting LinkedIn Users As Part Of North Korea Crypto Hacking Scheme appeared first on Cryptonews.

You May Also Like


Newmont (NYSE: NEM) reported mixed financial results even as the price of gold approached its all-time high. In all, the company’s earnings per share...


Fisker (NYSE: FSR) stock price has been one of the best-performing electric vehicle (EV) stocks this week even as Tesla slumped. The shares jumped...


NatWest (LON: NWG) share price rose sharply, helped by the strong results from Barclays. The stock jumped to a high of 274.8p, which was...


The Fox Corporation (NASDAQ: FOX) stock price has been under pressure as investors come to terms with the abrupt firing of Tucker Carlson. The...

Disclaimer:, its managers, its employees, and assigns (collectively “The Company”) do not make any guarantee or warranty about what is advertised above. Information provided by this website is for research purposes only and should not be considered as personalized financial advice. The Company is not affiliated with, nor does it receive compensation from, any specific security. The Company is not registered or licensed by any governing body in any jurisdiction to give investing advice or provide investment recommendation. Any investments recommended here should be taken into consideration only after consulting with your investment advisor and after reviewing the prospectus or financial statements of the-company.

Copyright © 2024