Lazarus Group Strikes Again, Stealing $3.2M in Latest Crypto Attack


June 30, 2025 12:11 PM

In Brief:
Lazarus Group, North Korea-linked hackers, scammed a user out of $3.2M in May, converting the funds from Solana to Ethereum.
The stolen funds were laundered through Tornado Cash, and further attacks on NFTs have been linked to the group.


The Lazarus Group, a North Korea-affiliated hacker collective, has once again targeted the cryptocurrency sector, this time stealing $3.2 million from a user in a scam on May 16. The stolen funds, initially in Solana, were quickly converted to Ethereum and laundered via Tornado Cash, a privacy protocol that hides transactions. At the time of reporting, around $1.25 million remained in a wallet holding DAI and ETH.

North Korea Attackers Transaction Map.

This attack is one of a growing series of efforts by the Lazarus Group to exploit the crypto space. On June 27, an on-chain analysis by ZachXBT linked the group to an attack on multiple NFT projects, including those tied to Matt Furie, the creator of Pepe. The attackers stole an estimated $1 million from these projects by taking control of the NFT contracts, then minting and dumping NFTs.

Additionally, the analysis revealed irregularities, such as Korean language settings and time zones associated with GitHub accounts, pointing to North Korean activity. Investigations also suggest that Alex Hong, a key figure in one of the NFT projects, may be a North Korean IT worker. These ongoing attacks highlight North Korea's growing involvement in crypto theft, with blockchain firm TRM Labs linking the country to nearly $1.6 billion in stolen funds this year.
