In North Korea, the second most famous name is “Lazarus”, after their leader, Kim Jong Un. North Korea’s “Lazarus” has earned the tag of being the “most profitable cryptocurrency-hacker group” in the world. If we backtrack to the year 2017 from today, the evil minds on the internet have hacked into online exchanges of cryptocurrencies, stealing a huge chunk of money worth $882 million. But the infamous North Korean “Lazarus” has done it better than all others out there.
World’s most efficient cybersecurity unit ‘Group-IB’ is gearing up to present its annual report which will uncover the trends in hi-tech cybercrime. A short story by Hard Fork tells us about the 14 various attacks on cryptocurrency firms since January 2017 and it estimates that the Lazarus group is responsible for illegal earnings around $571 million. This amount accounts for more than half of the total amount stolen in an unauthenticated manner.
Traditional methods and tools like spear phishing, social engineering, malware etc are usually used by the hackers to target the cryptocurrency exchanges.
“Spear phishing remains the major practice of undertaking attack on corporate networks.”
Let’s understand this with the help of an example where fraudsters slip in the malware by embedding it under the cover of CV spam within an attachment. After they get access to the local network, the hackers look for the local network to get information about workstations and servers serving the private cryptocurrency wallets.
The Group-IB has put forward its prediction that the instances of targeted attacks on cryptocurrency exchanges will increase in number, and not only the ones from Lazarus but many new hackers will emerge soon. IB is also concerned about the most aggressive hackers who usually attack banks, will shift their focus to cryptocurrency exchanges as they are now aware of the fast growth of cryptocurrency all around the world.
“56% of ICO funds were stolen using Phishing.”
The IB made its stand clear that the hackers are taking advantage of “crypto-fever,” where investors are crowding in large numbers to contribute their share to new cryptocurrency projects as fast as possible, without verifying whether they are investing into authenticated Crypto firm.
“Large phishing groups are capable of stealing around $1 million every month.”
With the evolving technology, the Cryptocurrency hackers are also getting more knowledgeable and are constantly improving their skills. The IB has recorded many issues involving theft in the investor’s database by hackers who blackmail Cryptocurrency holders by stealing their sensitive financial information.
Cryptocurrency Fraudsters are even making fake websites having cryptocurrency project descriptions and plagiarized whitepapers. Once they have people investing in the project after launching a fake ICO, they tend to disappear with investor funds.
“Automated phishing and use of ‘phishing-kits’ will become more mainstream resulting for the attacks on ICOs.”
The IB also claims that if these hackers are increasingly using the trial and error method to force into the cryptocurrency network but their success rate has been poor. But if the instances of the attacks are increased it will surely shoot up their success rate and they might gain complete control over the cryptocurrency and its transactions.
In the year 2017, 51% of failed attacks were detected, but they are now ramping up their attempts in huge numbers. In the first half of 2018, 5 successful attacks were carried out targeting direct financial losses within the range of $0.55 million to $18 million.
So Blockchain Technology was known to be secure, but is it truly secure? The technology is secure but we must accept the fact that it is developed by humans and there will be some loopholes left unplugged in this technology. The Hackers or IB would help us to make it 100% secure sooner or later. So think wisely before you invest into the Blockchain Network!