South Korean police successfully prevented Lazarus Group, a North Korean cybercrime organization, from hacking over 200 computers across 61 South Korean institutions last year. According to the National Police Agency (NPA), the group attempted a “watering hole” attack, targeting security software installed on the computers, including those of eight media companies.
To execute the attack, Lazarus targeted a South Korean firm distributing security software used for online banking and financial services, which is installed on more than 10 million computers in the country. The group had previously planned to infiltrate INISAFE, the firm developing the security software, in 2021. However, the police detected the group’s activity and worked with other agencies to block further access, preventing any actual damage.
Lazarus Group, which is thought to be operated by the North Korean government, has been implicated in various major cyber-attacks, such as the WannaCry 2.0 ransomware attack in 2017, the Bangladesh bank heist in 2016, and the Sony Pictures Entertainment hack in 2014.
In 2020, the group stole $275 million from the crypto exchange KuCoin and amassed over $400 million in stolen crypto funds in 2021 alone. They are best known for stealing $620 million from the non-fungible token (NFT) game Axie Infinity, marking the largest-ever crypto hack.
Last year, it was reported that funds stolen in the Axie Infinity hack were moved through Tornado Cash, a popular crypto mixer. The US Treasury Department sanctioned Tornado in August 2022 due to its frequent use by crypto hackers.
![PeckShieldAlert Flags the “orblter[.]finance” Phishing Site](https://cryptotale.org/wp-content/uploads/2023/04/8-orblter-finance-is-a-phishing-site-not-the-real-150x150.jpg)
