The Lazarus Group once again launched chaos in 2019, this time in
the world of cryptocurrency exchange platforms. North Korean hackers
managed to infiltrate DragonEx’s computer systems through malicious
The latest report from Chainalysis, a cryptocurrency market analyst, reveals that the Lazarus Group, the North Korean hacking group that may be behind the WannaCry ransomware, is to blame for an attack on DragonEx, a platform for exchange of virtual currencies, which caused losses in the order of 7 million dollars.
According to experts, the attack dates back to March 2019, when DragonEx was hacked by cybercriminals. Although the attack is not one of the largest ever recorded by Chainalysis, the method used by the group revealed how sophisticated its strategy has become over time.
To infiltrate and hack DragonEx, the Lazarus Group created a fake company called WFC Proof. In order not to raise suspicion, cybercriminals created a professional website, as well as fake employee profiles on LinkedIn and the Telegram platform.
Among the services offered by the “organization” was Worldbit-bot, a program that supposedly performed virtual coin burrows automatically. The software was, in fact, malicious and allowed hackers to freely access any computer on which it was installed.
By posing as WFC Proof, the Lazarus Group was able to convince several DragonEx employees to use the Worldbit-bot. The software was eventually installed on a computer that contained the keys to the virtual wallets managed by the company. From there, the hackers managed to steal millions of dollars in cryptocurrencies, afterwards doing a “money laundering” for several accounts in order to go unnoticed.
Source: Sapo TEK