[image credit : Shutterstock]
The infamous hacking collective Lazarus Group, widely believed to work for the North Korean government, is believed to have been behind the hack of cryptocurrency exchange DragonEx.
DragonEx was hacked in March 2019, announced via Telegram that hackers managed to steal cryptocurrency belonging to both the cryptocurrency exchange and its users. The exchange quickly released all of the cryptocurrency wallets the funds, worth over $7 million at the time, moved to.
A new report released by blockchain analysis firm Chainalysis details that the Lazarus Group was likely behind the attack, in what could be one more cryptocurrency exchange hack helping fund the North Korean government. As reported, North Korean hackers have been hitting cryptocurrency trading platforms and financial institutions to fund North Korea’s weapons programs.
The report details Lazarus used advanced tactics to hack the cryptocurrency exchange. It reportedly created a fake company and a fake cryptocurrency trading bot to phish DragonEx employees and gain access to the cryptocurrency. The fake company had fake employees who had fake, legitimate-looking social media profiles.
Lazarus pitched the fake cryptocurrency trading bot to the exchange, prompting them to try out the bot, dubbed Worldbit-bot. The file DragonEx employees had to download had malware that gave the hackers access to their devices. They then quickly moved the cryptocurrency to wallets they controlled.