North Korea’s Lazarus behind $300m in 2023 crypto losses

Lazarus group orchestrated nearly 17% of all crypto hacks throughout 2023, mainly targeting centralized platforms like exchanges.

Five successful crypto heists masterminded by Lazarus, a North Korean-funded hacker organization, reportedly resulted in over $300 million stolen from digital asset service providers within 12 months

The state-sponsored criminal actors enacted a change in strategy, switching from defi targets to centralized platforms, according to Immunifi, a leading blockchain bounty company.

As of September 2023, the group had siphoned at least $270 million in 102 days, with services like Atomic Wallet suffering heavy losses. The $115 million ferried from Atomic Wallet remains the single-largest incident attributed to Lazarus during the year

Lazarus is also believed to have launched attacks on CoinEx, crypto casino Stake, and digital payment processor CoinsPaid

Multiple blockchain security firms and even the FBI concurred that Lazarus was responsible for several of these hacks On-chain data showed connections between wallets used to steal funds from protocols and addresses to channel this illicit wealth to crypto mixers like Tornado Cash and Sinbad

The U.S. Treasury Office previously sanctioned Tornado Cash, Sinbad, and Blender.io due to Lazarus allegedly leveraging these crypto-mixing services for money laundry.

The massive losses incurred by cryptocurrency protocols at the hands of Lazarus and other bad actors underpins a larger security threat evident in the nascent digital asset industry

Sipan danyan, co-founder and CEO at Hexens, a cybersecurity firm, said companies must allocate more resources toward combating attack surfaces. The cybersecurity veteran added that continuous security monitoring (CSM) s and value-based bug bounty programs could be key tools against hackers.

Traditionally, a significant portion of the security budgets of companies operating in web3 has been spent on smart contract audits, with CSM tools taking a bit of a back seat. This will need to change if the security landscape in web3 is to become robust enough to incentivize the widespread adoption of this truly revolutionary technology.

Sipan danyan, co-founder and CEO, Hexens