This mysterious hacker group has a cool name: Lazarus
The name comes from Lazarus, a figure in the Bible and a close friend of Jesus, who died of illness and was raised from the dead by Jesus.
Don't be fooled by the literary name: their background is far stronger than it sounds, and they have a sovereign government behind them!
With that backing and a high level of skill, they have pulled off many big jobs:
Let's take a closer look at a few cases involving relatively large sums of money:
According to Reuters, in 2017, the Bitcoin wallet of NiceHash, the world's largest cryptocurrency mining computing power market at the time, was attacked, and about 4,700 Bitcoins were stolen, which were worth $64 million at the time, but are now worth $280 million!
By 2021, NiceHash had published a blog post stating that the United States had confirmed it was North Korean hackers who stole their Bitcoin!
The Americans were efficient in handling the case, and even found out the detailed information of the three hackers who carried out the attack, according to the 2021 indictment of the U.S. District Court in Los Angeles.
The ones who stole the 4,700 bitcoins were 31-year-old Jon Chang Hyok, 27-year-old Kim Il, and 36-year-old Park Jin Hyok, who were unit personnel of the Reconnaissance General Bureau (RGB), the military intelligence agency of the Democratic People’s Republic of Korea (DPRK), which is suspected of engaging in criminal hacking activities. These military hacker groups from North Korea have multiple names in the cybersecurity community, including Lazarus Group and Advanced Persistent Threat 38 (APT38). Park was previously charged in an undisclosed criminal lawsuit in September 2018.
But these three people are presumably in North Korea, so the US courts will not be able to get hold of them.
Among Chinese readers, Lazarus' best-known case is probably the Kucoin theft.
https://www.kucoin.com/announcement/en-kucoin-ceo-livestream-recap-latest-updates-about-security-incident
In this case, nearly 300 million US dollars was stolen from Kucoin, the largest cryptocurrency theft of 2020, accounting for half of the total amount stolen that year.
According to Reuters, citing a United Nations investigation, this case was the work of North Korean hackers!
https://www.reuters.com/article/technology/un-experts-point-finger-at-north-korea-for-281-million-cyber-theft-kucoin-li-idUSKBN2AA08T/
This case shook Kucoin badly; it only resumed user withdrawals and deposits a week after the incident.
Kucoin’s CEO also made a very open disclosure on the live broadcast:
Let’s follow this official statement and give you a brief account of the incident:
At 2:51 a.m. Beijing time on September 26, 2020, Kucoin received an abnormal alarm, indicating an abnormal Ethereum transfer:
At 3:15 a.m., a little more than 20 minutes after the incident, Kucoin set up a team to deal with it.
While the North Korean hackers were still celebrating and preparing to cash out, they did not expect that most of the coins would be frozen as soon as they were transferred to other exchanges, so Kucoin was able to recover most of its losses.
For Kucoin users, the impact was only that they could not withdraw their coins for a week, because most of their coins were transferred to cold wallets for safety reasons.
For the few coins that could not be recovered, Kucoin bore the losses.
In this theft incident, Kucoin's performance was very professional, both in terms of response speed and subsequent processing results. It was also the case in which the most losses were recovered among the many crimes committed by these North Korean hackers.
In early 2022, Axie Infinity's development team, Sky Mavis, was also running another project, the Ronin cross-chain bridge.
Axie Infinity had just announced $152 million in financing at the end of 2021 and was preparing for a new funding round with Binance; it was riding high.
But what they didn't expect was that they would be remembered not for their products, but for a $620 million theft, the largest theft of crypto assets in history.
According to Chainalysis' analysis, this theft was also the work of Lazarus Group!
And with this shocking case, 2022 was also the most fruitful year for North Korean hackers. That year, North Korea's total export earnings were only a little over 100 million US dollars, while the money earned from crypto was more than 10 billion.
Let's briefly review the case:
The Ronin cross-chain bridge is protected by 9 validator nodes, and 5 of those 9 validators must sign.
On Wednesday, March 23, North Korean hackers successfully took control of 5 of the nodes (4 validator nodes run by the development team itself and 1 validator node run by Axie DAO), and the private keys of these 5 validators were stolen.
The attacker then used the signatures of these 5 nodes to withdraw 173,600 ETH and 25.5 million USDC from the Ronin cross-chain bridge, worth approximately US$625 million at the time.
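To make the 5-of-9 design concrete, here is an added example (not code from Ronin or the page's author) that models a threshold-signature check and then measures how many distinct operators actually have to be compromised to reach the threshold. Validator names, the operator assignments for the four non-team validators, and the HMAC stand-in for real ECDSA keys are all constructed assumptions.

```python
import hashlib
import hmac
from collections import defaultdict

THRESHOLD = 5  # 5 of 9 validators must sign, as described for the Ronin bridge

# Constructed validator set: 4 keys run by the dev team, 1 by Axie DAO (as on the
# page); the remaining 4 operators are hypothetical placeholders.
VALIDATOR_OPERATORS = {
    "v1": "dev_team", "v2": "dev_team", "v3": "dev_team", "v4": "dev_team",
    "v5": "axie_dao",
    "v6": "op_a", "v7": "op_b", "v8": "op_c", "v9": "op_d",
}

# Constructed per-validator secrets. A real bridge uses ECDSA keys; HMAC is a
# stand-in so the example runs offline with only the standard library.
VALIDATOR_KEYS = {
    v: hashlib.sha256(f"constructed-key-{v}".encode()).digest()
    for v in VALIDATOR_OPERATORS
}


def sign(validator: str, withdrawal: bytes) -> str:
    """Produce validator's signature over a serialized withdrawal."""
    return hmac.new(VALIDATOR_KEYS[validator], withdrawal, hashlib.sha256).hexdigest()


def verify_withdrawal(withdrawal: bytes, signatures: dict) -> bool:
    """Approve only if at least THRESHOLD distinct, known validators signed validly.
    Keying by validator name means the same key cannot be counted twice."""
    valid = set()
    for validator, sig in signatures.items():
        if validator in VALIDATOR_KEYS and hmac.compare_digest(sig, sign(validator, withdrawal)):
            valid.add(validator)
    return len(valid) >= THRESHOLD


def min_operators_to_reach_threshold(operators=VALIDATOR_OPERATORS, threshold=THRESHOLD):
    """Fewest distinct operators whose combined keys meet the threshold.
    This is the number a defender should track: a 5-of-9 scheme where one
    operator holds 4 keys is effectively a 2-operator scheme."""
    counts = defaultdict(int)
    for op in operators.values():
        counts[op] += 1
    reached, n = 0, 0
    for c in sorted(counts.values(), reverse=True):
        reached, n = reached + c, n + 1
        if reached >= threshold:
            return n
    return None  # threshold unreachable even with every key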
The coins had been stolen for several days, until March 29, when a user was unable to withdraw his 5,000 ETH through the Ronin bridge, which made the Ronin team realize that the funds had been withdrawn from the cross-chain bridge last week.
Look at this response speed, it is a world of difference compared to Kucoin. Kucoin took only a few hours to get everything done from being stolen to counterattack.
So this foreign team is really not as reliable as our Chinese in terms of efficiency~
After Kucoin was frozen before, North Korean hackers also made progress. Since the end of 2020, they knew that after stealing coins, they had to go to the mixer to mix them before they could withdraw them.
Therefore, after various efforts, only 30 million US dollars worth of tokens could be recovered.
According to the time, the coins stolen from Robin went to Tornado.
And the currency mixers were almost all used by North Korean hackers to launder money:
The Tornado team was arrested in August 2022, most likely for this reason.
Why is North Korea so keen on stealing coins?
Because according to The Diplomat magazine, the cryptocurrency stolen by North Korea is used to support their nuclear weapons research.
And looking at the trend of North Korea's foreign exchange income in recent years, it is simply doing encryption wholeheartedly, and it seems that it doesn't want to do other businesses.
According to Chainalysis data, North Korea's encryption business is very smooth. As of September 23, it has earned a total of 3.54 billion US dollars in cryptocurrency.
In 2022, when North Korea’s encryption business was at its peak, it earned $1.65 billion in one year. Almost half of the cryptocurrency on the Internet was stolen by North Korean hackers.