lazarusgroup

🙄Hack A group of DPRK #hackers #LazarusGroup hacked a cold wallet on the exchange for 400k $ETH ($1.5 billion dollars)
Now they have more ether than Vitaliy Buterin, the creator of the token himself
😀The channels are already screaming that North Korea has announced a strategic reserve of ether😂

#BybitHack #BybitWalletHack

According to Arkham Intelligence, the mastermind behind the $1.5 billion Bybit hack has been identified, and the culprit is none other than the Lazarus Group, a notorious North Korean cybercrime syndicate.

🔎 What we know at the moment:
🔹 Lazarus Group has a history of large-scale cryptocurrency thefts, laundering billions through complex blockchain transactions.

Lazarus Group is one of the world’s most dangerous cyber hacking organizations, believed to be operating under the supervision of the North Korean government. It began its activities in the early 2000s and has since carried out high-profile attacks targeting financial institutions, technology companies, and cryptocurrency platforms. Its primary objectives are to fund the North Korean regime, evade international sanctions, and gather intelligence.
Origins and Development
Lazarus Group first appeared on the cyber scene in 2009, but it gained global attention in 2014 after the infamous attack on Sony Pictures. During that attack, the hackers infiltrated the company’s systems, stole sensitive data, and released threatening messages in response to the film “The Interview”, which mocked North Korean leader Kim Jong-un. Since then, the group has diversified its targets, including banks, governments, and cryptocurrency companies.

Group’s Objectives and Motives
1. Illicit Financing:
Due to the economic sanctions imposed on North Korea, the group steals money and cryptocurrencies to fund its nuclear and military programs.
2. Cyber Espionage:
The group gathers intelligence from governments and corporations to strengthen North Korea’s position in international negotiations.
3. Destabilization:
Some attacks are aimed at creating chaos in enemy countries or disrupting their economic systems.

Notorious Cyberattacks
1. Sony Pictures Hack (2014)
• The hackers infiltrated Sony’s systems, leaking unreleased films and sensitive emails.
• The attack caused significant financial losses and raised concerns about online freedom of expression.
2. WannaCry Ransomware Attack (2017)
• A global ransomware attack that infected over 230,000 devices in 150 countries.
• It crippled hospitals, companies, and banks, with hackers demanding ransom in Bitcoin to unlock encrypted files.
3. Bangladesh Central Bank Heist (2016)
• The group stole $81 million through illegal transfers from the Federal Reserve Bank of New York to accounts in the Philippines.
• The theft could have reached $1 billion if the breach had not been discovered at the last minute.
4. Ronin Network Hack (2022)
• The group breached the blockchain network of the game Axie Infinity, stealing over $620 million in Ethereum (ETH) and USDC.
• This was one of the largest cryptocurrency hacks in history.

Hacking Techniques and Tools

Lazarus Group employs advanced techniques and diverse methods, including:
1. Social Engineering: Tricking employees into clicking malicious links via emails or social media.
2. Ransomware: Encrypting data and demanding cryptocurrency payments to restore access.
3. Blockchain Breaches: Exploiting vulnerabilities in smart contracts and decentralized finance (DeFi) platforms.
4. Money Laundering: Using cryptocurrency mixers like Tornado Cash to hide the origin of stolen funds.

Organizational Structure

Little is known about the group’s internal structure due to its secrecy. However, it is believed to operate under North Korea’s Reconnaissance General Bureau (RGB), responsible for intelligence activities and special operations abroad. The group is likely supported by skilled programmers and hackers trained within the country.

Global Economic Impact

Lazarus Group’s attacks have resulted in billions of dollars in losses and disrupted financial markets worldwide. For example, ransomware attacks like WannaCry harmed healthcare providers and banks, while cryptocurrency thefts undermined investor confidence in blockchain technology.
International Response
1. United States: The U.S. Treasury Department has imposed sanctions on individuals and entities linked to Lazarus Group. The FBI has also classified the group as a top cyber threat.
2. United Nations: UN reports indicate that stolen funds are used to finance North Korea’s nuclear weapons program.
3. Cybersecurity Companies: Firms like Kaspersky, Symantec, and CrowdStrike are actively tracking the group’s activities and developing protection systems against its attacks.
How to Protect Yourself from Lazarus Group’s Attacks
• Enhance Cybersecurity: Use advanced firewalls and antivirus software.
• Employee Awareness: Train employees to recognize phishing emails and suspicious links.
• Enable Two-Factor Authentication (2FA): Especially for managing cryptocurrency wallets.
• Backup Important Data: Keep encrypted backups of critical data.
Conclusion
Lazarus Group is a clear example of how cybercrime can be used as a political and economic tool. With its advanced skills and diverse strategies, it has become a major player in the world of cybercrime. As the world increasingly relies on digital assets, the group is expected to continue its attacks, making cybersecurity a top priority for individuals and organizations alike.
$AXS $ETH $BTC
#BybitSecurityBreach #LazarusGroup #SouthKorea #ETH #BTC☀

Blockchain detective ZachXBT on June 21, 2025, on X accused the decentralized platform Garden Finance of laundering funds related to the hacking attack on the Bybit exchange, where $1.4 billion was stolen. According to him, over 80% of the platform's fee revenue ($300,000 in 12 days) comes from illegal transactions allegedly organized by Chinese money launderers linked to the North Korean Lazarus group.

The North Korean hacker group Lazarus Group is likely behind the hack of the UK-registered cryptocurrency exchange Lykke, resulting in the theft of $22.8 million in cryptocurrency. This was reported by the UK Office of Financial Sanctions Implementation (OFSI) on August 18, 2025. The attackers stole 158 $BTC and 2161 $ETH , leading to the suspension of trading and the liquidation of the exchange in March 2025. More than 70 customers filed claims seeking compensation of £5.7 million.

On July 22, 2025, the Indian cryptocurrency exchange CoinDCX confirmed a massive cyberattack, resulting in the theft of $44 million from its internal operational wallet. Cybersecurity experts from Cyvers link the incident to the North Korean hacker group Lazarus Group, known for its sophisticated attacks on centralized platforms. The breach occurred on July 19 within minutes when the attackers used cross bridges and the cryptocurrency mixer Tornado Cash to cover their tracks of the stolen assets, primarily $USDC and $USDT from the Solana blockchain.

🚀 Arkham launched a $32,000 bounty (50,000 ARKM) for information on the Bybit hacker. Just one hour later, blockchain investigator ZachXBT provided definitive proof that the attack was carried out by Lazarus Group – a notorious North Korean hacking syndicate.

🔍 His findings include:

▪️Test transactions and linked wallets used before the hack.
▪️Forensic graphs & timing analysis.

The report has been shared with Bybit to aid their investigation. 🚔
#BybitSecurityBreach #BybitHack #LazarusGroup