Veloxity Links Lazarus Group to New Crypto Hacking Scheme- DEV-0139

The Lazarus Group, a state-sponsored hacking group from North Korea, is targeting cryptocurrency investment startups on Telegram. The group has been using a variety of techniques to infiltrate these companies, including phishing and social engineering.

In one recent attack, the Lazarus Group posed as an investment company that was aware of the challenges that exchanges face with the recent market crisis. The group infiltrated several chat groups on Telegram and used Microsoft Office documents (Excel file) weaponized with “well-crafted” malware to infect systems that it then remotely accessed.

The malware, known as AppleJeus, is a modular trojan that can steal cryptocurrency, banking information, and other sensitive data. It has been used in a number of attacks against cryptocurrency companies, including the Ronin hack, which resulted in the loss of $625 million.

The Lazarus Group is a highly sophisticated hacking group with a long history of cyber attacks. The group has targeted a wide range of organizations, including banks, cryptocurrency exchanges, and government agencies. It is likely that the group will continue to target cryptocurrency companies in the future.

To avoid falling victim to an attack by the Lazarus Group or other cybercriminals, cryptocurrency investment startups should take the following precautions:

• Be wary of unsolicited messages from strangers on Telegram or other social media platforms.
• Do not open attachments or click on links in messages from people you do not know.
• Keep your software up to date.
• Use a strong password manager to protect your passwords.
• Use two-factor authentication whenever possible.
• Be aware of the latest cyber threats and educate your employees about them.

By taking these precautions, cryptocurrency investment startups can help to protect themselves from attack by the Lazarus Group and other cybercriminals.