FBI Alerts Public to New Lazarus Group Malware Scams
FBI Warns Citizens of Latest Malware Scams from Lazarus Group
US Government Files Complaints to Seize Assets from North Korean Hackers. The United States government has taken action to recover stolen digital assets tied to the North Korean Lazarus hacking group.
On October 4, 2024, two legal complaints were filed to begin the process of seizing over $2.67 million in cryptocurrency, including $1.7 million in Tether (USDT) stolen during the 2022 Deribit hack and nearly $970,000 in Avalanche-bridged Bitcoin (BTC.b) from the 2023 Stake.com hack.
Recovering Stolen Crypto Assets
In the 2022 Deribit hack, Lazarus Group breached a hot wallet, draining $28 million from the crypto exchange. The hackers attempted to launder the funds by passing them through Tornado Cash, a mixer service, and several Ethereum addresses to avoid detection. US law enforcement is now working to recover $1.7 million in USDT linked to this attack.
Additionally, the US government is also seeking to seize approximately $970,000 in BTC.b, which was stolen during the 2023 hack on the Stake.com gambling platform. The attack resulted in over $41 million in losses for Stake, but investigators have identified some of the stolen funds and are pursuing recovery.
Lazarus Group: A Notorious Crypto Hacker Collective
The Lazarus Group, a North Korean-backed hacking organization, is widely believed to be behind several major cryptocurrency thefts. In July 2024, the group allegedly hacked the WazirX exchange, stealing an estimated $235 million.
The Deribit and Stake.com hacks are only a fraction of the group’s malicious activities in the crypto space.
A report from August 2024 by on-chain sleuth ZackXBT revealed that Lazarus Group had infiltrated at least 25 cryptocurrency projects by using fake developer identities to access code and steal from treasuries. This network of hackers continues to pose a major threat to the security of digital assets.
FBI Issues Warnings About Lazarus Group Scams
In September 2024, the FBI issued warnings about social engineering scams conducted by the Lazarus Group.
One notable scam involves fake job offers where unsuspecting users are tricked into downloading malware disguised as employment documents. This malware then allows hackers to steal sensitive personal data or cryptocurrency holdings.
Read More: Fraud Allegations Against Two Crypto Platforms in Washington: Why?
