Tag: lazarus
-
Record $1.5B stolen in Lazarus Group’s ByBit crypto heist
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/record-1-5b-stolen-in-lazarus-groups-bybit-crypto-heist
-
North Korea’s Lazarus hackers behind $1.4 billion crypto theft from Bybit, researchers say
by
in SecurityNewsCybersecurity researchers say North Korean hackers are behind the largest cryptocurrency heist in history and are actively laundering the more than $1.4 billion in cryptocurrency stolen from the Bybit exchange on Friday. First seen on therecord.media Jump to article: therecord.media/lazarus-hackers-behind-bybit-crypto-heist
-
EU sanctions North Korean tied to Lazarus group over involvement in Ukraine war
by
in SecurityNewsThe latest package of EU sanctions related to Russia’s invasion of Ukraine included the leader of the North Korean intelligence agency known for backing the Lazarus group and other high-profile hacking operations. First seen on therecord.media Jump to article: therecord.media/eu-sanctions-north-korea-ukraine-war-lazarus-group
-
North Korean hackers linked to $1.5 billion ByBit crypto heist
by
in SecurityNewsOver the weekend, blockchain security companies and experts have linked North Korea’s Lazarus hacking group to the theft of over $1.5 billion from cryptocurrency exchange Bybit. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/north-korean-hackers-linked-to-15-billion-bybit-crypto-heist/
-
$1.5 Billion Bybit Heist Linked to North Korean Hackers
by
in SecurityNewsCompanies and experts have found evidence linking the $1.5 billion Bybit cryptocurrency heist to North Korean Lazarus hackers. The post $1.5 Billion Bybit Heist Linked to North Korean Hackers appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/1-5-billion-bybit-heist-linked-to-north-korean-hackers/
-
Biggest Crypto Hack in History Hackers Stolen $1.46 Billion Worth Crypto From Bybit
by
in SecurityNewsIn what has become the largest cryptocurrency theft in history, hackers infiltrated Bybit’s Ethereum cold wallet on February 21, 2025, siphoning approximately 401,346 ETH valued at $1.46 billion. The breach, attributed to North Korea’s Lazarus Group, exploited vulnerabilities in Bybit’s multisignature wallet interface, redirecting funds through a sophisticated smart contract manipulation. While Bybit assured users…
-
Investigators Link $1.4B Bybit Hack to North Korea’s Lazarus Group
by
in SecurityNewsInvestigators link the $1.4B Bybit hack to North Korea’s Lazarus Group, exposing a major crypto heist tied to state-backed cybercrime and money laundering. First seen on hackread.com Jump to article: hackread.com/investigators-link-bybit-hack-north-korea-lazarus-group/
-
Security Affairs newsletter Round 512 by Pierluigi Paganini INTERNATIONAL EDITION
by
in SecurityNewsA new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Lazarus APT stole $1.5B from Bybit, it is the largest cryptocurrency heist ever Apple removes iCloud encryption in…
-
Lazarus APT stole $1.5B from Bybit, it is the largest cryptocurrency heist ever
by
in SecurityNewsCrypto exchange Bybit was the victim of a sophisticated attack, and threat actors stole $1.5B worth of cryptocurrency from one of the company’s offline wallets. Crypto exchange Bybit suffered a sophisticated cyberattack, threat actors transferred over 400,000 ETH and stETH worth more than $1.5 billion to an unidentified address. The Bybit hack is the largest cryptocurrency…
-
North Korea’s Lazarus Group Hacks Bybit, Steals $1.5 Billion in Crypto
by
in SecurityNewsNorth Korea’s notorious Lazarus Group reportedly stole $1.5 billion in cryptocurrency from the Bybit exchange in what is being called the largest hack in the controversial market’s history. It came the same day Coinbase executives said the SEC was dropping its investigation of their company. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/02/north-koreas-lazarus-group-hacks-bybit-steals-1-5-billion-in-crypto/
-
Lazarus Group Deploys Marstech1 JavaScript Implant in Targeted Developer Attacks
by
in SecurityNewsThe North Korean threat actor known as the Lazarus Group has been linked to a previously undocumented JavaScript implant named Marstech1 as part of limited targeted attacks against developers.The active operation has been dubbed Marstech Mayhem by SecurityScorecard, with the malware delivered by means of an open-source repository hosted on GitHub that’s associated with a…
-
Lazarus Group Targets Developers Worldwide with New Malware Tactic
by
in SecurityNews
Tags: crypto, cyber, cybercrime, group, korea, lazarus, malware, north-korea, software, supply-chain, tacticsNorth Korea’s Lazarus Group, a state-sponsored cybercriminal organization, has launched a sophisticated global campaign targeting software developers and cryptocurrency users. Dubbed Operation Marstech Mayhem, this operation leverages the group’s latest implant, >>Marstech1,
-
North Korea Targets Crypto Devs Through NPM Packages
by
in SecurityNewsSecurityScorecard has uncovered a sophisticated campaign linked to North Korea’s Lazarus Group, distributing crypto-stealing malware First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/north-korea-crypto-devs-npm/
-
Microsoft’s February 2025 Patch Tuesday Addresses 55 CVEs (CVE-2025-21418, CVE-2025-21391)
by
in SecurityNews
Tags: access, advisory, android, apt, attack, authentication, best-practice, cve, cyber, data, exploit, firmware, flaw, group, Internet, lazarus, linux, malicious, microsoft, network, north-korea, ntlm, office, rce, remote-code-execution, service, technology, tool, update, vulnerability, windows, zero-day3Critical 52Important 0Moderate 0Low Microsoft addresses 55 CVEs with three rated critical and four zero-day vulnerabilities, including two that were exploited in the wild. Microsoft patched 55 CVEs in its February 2025 Patch Tuesday release, with three rated critical and 52 rated as important. Our counts omitted one vulnerability reported by HackerOne. This month’s update…
-
Fake-Jobangebote für Software-Entwickler auf Linkedin
Aktive Kampagne mit Verbindungen zur nordkoreanischen Lazarus-Gruppe (APT 38). Infostealer für Krypto-Wallets als Payload einer vermeintlichen Projekt-Demo. Die Bitdefender Labs beobachten eine aktive Kampagne mit gefälschten Jobangeboten auf Linkedin. Im Rahmen des Bewerbungsverfahrens erhalten die Angreifer über einen Link bösartigen Code für eine Backdoor, einen Infostealer, einen Keylogger und einen Kryptominer. Linkedin ist nicht nur……
-
Lazarus Group Lures Victims with Fake LinkedIn Job Offers, Warns Bitdefender
by
in SecurityNewsBitdefender Labs has uncovered an active cyber espionage campaign by the Lazarus Group, a North Korean state-sponsored threat First seen on securityonline.info Jump to article: securityonline.info/lazarus-group-lures-victims-with-fake-linkedin-job-offers-warns-bitdefender/
-
New Lazarus Group campaign targets cryptocurrency wallets
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/new-lazarus-group-campaign-targets-cryptocurrency-wallets
-
Lazarus Group Targets Bitdefender Researcher with LinkedIn Recruiting Scam
by
in SecurityNewsA Bitdefender researcher was targeted by North Korea’s Lazarus with the lure of a fake job offer First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/lazarus-bitdefender-linkedin-scam/
-
Lazarus Group tricks job seekers on LinkedIn with crypto-stealer
by
in SecurityNewsNorth Korea-linked Lazarus Group is duping job seekers and professionals in an ongoing campaign that runs a LinkedIn recruiting scam to capture browser credentials, steal crypto wallet data, and launch persistence.According to a discovery made by BitDefender Labs, threat actors reach out with fake LinkedIn job offers to lure the victims into downloading and executing…
-
Beware of Lazarus LinkedIn Recruiting Scam Targeting Org’s to Deliver Malware
by
in SecurityNews
Tags: cyber, cyberattack, cybersecurity, exploit, group, jobs, korea, lazarus, linkedin, malware, north-korea, scamA new wave of cyberattacks orchestrated by the North Korea-linked Lazarus Group has been identified, leveraging fake LinkedIn job offers to infiltrate organizations and deliver sophisticated malware. Reports from cybersecurity firms, including Bitdefender, reveal that this campaign targets professionals across industries by exploiting their trust in LinkedIn as a professional networking platform. The operation begins…
-
Lazarus APT targets crypto wallets using cross-platform JavaScript stealer
by
in SecurityNewsThe North Korea-linked APT group Lazarus uses a cross-platform JavaScript stealer to target crypto wallets in a new hacking campaign. Bitdefender researchers reported that the North Korea-linkedLazarus groupuses fake LinkedIn job offers in the cryptocurrency and travel sectors to deliver a cross-platform JavaScript stealer to target crypto wallets in a new hacking campaign. Scammers lure…
-
Operation Phantom Circuit: North Korea’s Global Data Exfiltration Campaign Unveiled
by
in SecurityNewsA newly uncovered cyber espionage campaign orchestrated by North Korea’s Lazarus Group has been exposed in SecurityScorecard’s latest First seen on securityonline.info Jump to article: securityonline.info/operation-phantom-circuit-north-koreas-global-data-exfiltration-campaign-unveiled/
-
Lazarus Group Exploits Trusted Apps for Data Theft via Dropbox
by
in SecurityNews
Tags: crypto, cyber, data, espionage, exploit, group, infrastructure, korea, lazarus, north-korea, programming, software, technology, theft, toolIn an alarming development, North Korea’s infamous Lazarus Group has been linked to a global cyber espionage campaign, code-named Operation Phantom Circuit. Beginning in September 2024, this operation exploited trusted software development tools to infiltrate systems worldwide, targeting cryptocurrency and technology developers. The campaign’s advanced obfuscation techniques and infrastructure demonstrate a significant evolution in the…
-
Lazarus Group Uses React-Based Admin Panel to Control Global Cyber Attacks
by
in SecurityNewsThe North Korean threat actor known as the Lazarus Group has been observed leveraging a “web-based administrative platform” to oversee its command-and-control (C2) infrastructure, giving the adversary the ability to centrally supervise all aspects of their campaigns.”Each C2 server hosted a web-based administrative platform, built with a React application and a Node.js API,” SecurityScorecard’s First…
-
How Lazarus Group built a cyber espionage empire
by
in SecurityNewsSince September 2024, SecurityScorecard’s STRIKE team has been investigating Lazarus Group’s activity, uncovering key details about their infrastructure. Despite … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/01/29/lazarus-group-cyber-espionage-supply-chain-attack/
-
Privacy Roundup: Week 4 of Year 2025
by
in SecurityNews
Tags: access, ai, apt, attack, backup, botnet, breach, cctv, cve, cybersecurity, data, data-breach, detection, email, exploit, firmware, flaw, google, group, identity, infrastructure, korea, lazarus, leak, login, malicious, malware, north-korea, phishing, phone, privacy, regulation, remote-code-execution, risk, router, scam, service, software, startup, technology, threat, tool, update, virus, vulnerability, windowsThis is a news item roundup of privacy or privacy-related news items for 19 JAN 2025 – 25 JAN 2025. Information and summaries provided here are as-is for warranty purposes. Note: You may see some traditional “security” content mixed-in here due to the close relationship between online privacy and cybersecurity – many things may overlap;…
-
Lazarus Group Deploys Electron-Based Malware to Target Cryptocurrency Enthusiasts
The APT-C-26 group, commonly known as Lazarus, has intensified its campaigns, focusing on cryptocurrency professionals worldwide. A recent First seen on securityonline.info Jump to article: securityonline.info/lazarus-group-deploys-electron-based-malware-to-target-cryptocurrency-enthusiasts/
-
From Dream Jobs to Dangerous Passwords: Lazarus Group’s LinkedIn Attacks
by
in SecurityNewsCybersecurity researcher Shusei Tomonaga from JPCERT/CC has issued a warning about LinkedIn being exploited as an initial infection First seen on securityonline.info Jump to article: securityonline.info/from-dream-jobs-to-dangerous-passwords-lazarus-groups-linkedin-attacks/