Lazarus Group sends 400 ETH to Tornado Cash, deploys new malware
13 March 2025 - 6:49AM
Cointelegraph


North Korean-affiliated hacking collective the Lazarus Group has been moving crypto assets using mixers following a string of high-profile hacks.

On March 13, blockchain security firm CertiK alerted its X followers that it had detected a deposit of 400 ETH worth around $750,000 to the Tornado Cash mixing service.

“The fund traces to the Lazarus group’s activity on the Bitcoin network,” it noted.

The North Korean hacking group was responsible for the massive Bybit exchange hack that resulted in the theft of $1.4 billion worth of crypto assets on Feb. 21.

It has also been linked to the $29 million Phemex exchange hack in January and has been laundering assets ever since.

Lazarus Group crypto asset movements. Source: CertiK

Lazarus has also been linked to some of the most notorious crypto hacking incidents, including the $600 million Ronin network hack in 2022.

North Korean hackers stole over $1.3 billion worth of crypto assets in 47 incidents in 2024, more than doubling thefts in 2023, according to Chainalysis data.

New Lazarus malware detected

According to researchers at cybersecurity firm Socket, Lazarus Group has deployed six new malicious packages to infiltrate developer environments, steal credentials, extract cryptocurrency data and install backdoors.

It has targeted the Node Package Manager (NPM) ecosystem, which is a large collection of JavaScript packages and libraries.

Researchers discovered malware called “BeaverTail” embedded in packages that mimic legitimate libraries using typosquatting tactics, or methods used to deceive developers.

“Across these packages, Lazarus uses names that closely mimic legitimate and widely trusted libraries,” they added.

The malware also targets cryptocurrency wallets, specifically Solana and Exodus wallets, they added.

Code snippet showing Solana wallet attacks. Source: Socket

The attack targets files in Google Chrome, Brave and Firefox browsers, as well as keychain data on macOS, specifically targeting developers who might unknowingly install the malicious packages.

The researchers noted that attributing this attack definitively to Lazarus remains challenging; however, “the tactics, techniques, and procedures observed in this npm attack closely align with Lazarus’s known operations.”