Cointelegraph analysts determined which type of attack the North Korean hacking group Lazarus Group most often uses against its targets. To do this, the experts analyzed data from the DefiLlama portal and the UN Security Council.
According to available information, the Lazarus Group has stolen a total of about $2.4 billion since 2020. More than 70% of the funds the hackers obtained came from compromising the private keys of the affected companies and individuals. In other words, this method allowed the attackers to steal $1.7 billion.
A recent UN Security Council report said North Korean groups have been involved in at least 58 attacks since 2017. These attacks brought them about $3 billion, including $700 million in 2023.
However, Chainalysis experts believe that the UN representatives underestimated the figures. In their opinion, last year the Lazarus Group managed to steal about $1 billion. They explained that the involvement of a particular group of hackers is often difficult to prove, so UN analysts may not have included some of the data in their report.
NeurochainAI founder Julius Serenas notes that North Korean attackers are careful in choosing their targets. They attack only individuals and companies that can bring them a large amount of funds, the entrepreneur emphasized.
Serenas also said that a hacker raid was preceded by lengthy analysis and preparation. During these processes, the method of attack, the use of a specific vulnerability and other nuances are determined, he believes.
“The code data is available online for everyone, which gives hackers a lot of information, as well as time to use various tactics and exploit any potential vulnerability,” said the founder of NeurochainAI.
According to the UN Security Council report, North Korean hackers often use phishing in combination with social engineering techniques. Together with extensive technical data about a company's computer system and the vulnerabilities present in it, this gives them an opportunity to compromise the private keys they need.
One of the latest targets of the Lazarus Group was the Munchables gaming platform, built on the Blast L2 solution. As a result of the attack, the hacker stole 17,500 ETH ($62.5 million at that time).
Crypto expert ZachXBT claims that the attacker turned out to be one of the project developers, who impersonated several people. He also confirmed his connection with a group from North Korea. On March 27, 2024, the Munchables team announced that the hacker agreed to return all funds and gave up control of the platform's assets.