The well-known North Korean hacker group Lazarus is targeting Japanese cryptoasset companies, and a few of these companies have already had their crypto stolen, according to The Japan News, citing the National Police Agency (NPA).
On Friday, the NPA released a notice, along with the Financial Services Agency and the National Center of Incident Readiness and Strategy for Cybersecurity, saying that it is highly likely that Japanese companies have been targeted by Lazarus for some time now.
Allegedly, some Japanese companies have already reported that their internal systems have been hacked and their cryptocurrency stolen.
It was the subsequent analysis that led to Lazarus being identified as the group behind these targeted attacks. The analysis was carried out by regional police across Japan together with the NPA's special analysis unit on cyberattacks, established in April this year.
Japan has used a specific and rarely used method here, known as “public attribution”: it announced the name of the suspected attacker before taking any steps such as an arrest. In such cases, the authorities also announce the attackers' purpose, method of attack, and any other relevant information. This approach, per the news outlet, has recently been seen as an effective tool to deter attacks.
Katsuyuki Okamoto of the information security firm Trend Micro Corporation was quoted as saying that,
“Lazarus initially targeted banks in a variety of countries, but lately it’s been aiming at cryptoassets which are managed more loosely. […] It’s important to take part in public attribution, because it will raise awareness of the perpetrator’s tactics and prompt individuals to take measures.”
It’s noted that overseas cybercriminals are difficult to identify, but that it’s still possible to do so through specific investigative methods, including an analysis of infections and emails.
In the case of Lazarus, the report cited a senior NPA official who said the group sent phishing emails to employees of the specific, targeted companies, in which they presented themselves as executives of cryptocurrency companies. In addition, they communicated with these employees via social media in order to infect their computers with malware.
This approach appears to have worked on some companies, which reported the incidents to the police. However, the NPA hasn’t disclosed individual domestic cases linked to Lazarus, said the report.
This wouldn’t be the first time the Cryptoverse has crossed paths with Lazarus, though. This year, the US Treasury Department sanctioned an ethereum (ETH) address it said received the coins stolen in the Ronin Bridge hack. The US Federal Bureau of Investigation (FBI) claimed the North Korean group of hackers was behind this security breach, while the sanctions announcement mentioned that Lazarus was located in the Potonggang District of the North Korean capital Pyongyang.
The blockchain analytics firm Chainalysis said at the time that the crypto industry needed a greater “understanding of how [North Korea]-affiliated threat actors exploit crypto,” as well as “better security for DeFi protocols.”
North Korea has repeatedly denied that it seeks to hack crypto and has rejected all accusations regarding the Lazarus group, denying its existence altogether, as well as that of alleged individual members of the group who have been named by the FBI. Pyongyang also previously claimed that accusations of crypto theft were “the kind of fabrication that only the United States” was capable of “inventing”, calling the American government “kings” of hacking.
Meanwhile, The Japan News cited “sources” who said that Lazarus was involved, among other cases, in the theft of some ¥6.7 billion ($45 million) in bitcoin (BTC) and other crypto from the Zaif crypto exchange in 2018, as well as ¥3.5 billion ($23.54 million) in XRP and other crypto from Bitpoint Japan in 2019.