The Lazarus Group has been identified as a highly sophisticated, state-sponsored cyber threat group, posing significant risks in the digital landscape. #CyberSecurity #LazarusGroup https://www.cyfirma.com/research/apt-profile-lazarus-group/

A deep dive into the Lazarus subgroup reveals their tactics of hijacking cloud platforms, poisoning supply chains, and stealing billions in digital assets. #CyberSecurity #LazarusGroup https://www.wiz.io/blog/north-korean-tradertraitor-crypto-heist

another indian crypto exchange got hacked (exactly one year after #NorthKorea hacked a different Indian crypto exchange, #wazirx)
https://www.coindesk.com/web3/2025/07/19/indian-crypto-exchange-coindcx-suffers-44m-hack

making money laundering great again (Tornado Cash is a crypto thing built for and very popular with money launderers like North Korea and #Russia, who use it to anonymize their on chain activity. the howler monkeys on the 5th circuit declared the sanctions against it to be unconstitutional a few months ago and then the #Trump administration dropped the sanctions that prohibited people from using the service).

the TORN token, which is literally an investment in the success of a money laundering enterprise, spiked on the news.

https://www.coindesk.com/policy/2025/07/07/torn-spikes-5-after-u-s-appeals-court-okays-end-of-another-tornado-cash-lawsuit

Uncovered: Lazarus Group's #APT38 uses Cosmic Rust malware to target macOS devices, linking back to known C&C servers. This highlights ongoing threats from North Korean hackers involved in global financial attacks. #LazarusGroup #Korea https://www.hendryadrian.com/apt38-infrastructure-hunt-uncovers-macos-malware/

some hot goss about Lazarus Group's money laundering activity from the PRC's contracted blockchain analysts (who are actually some of the best in the biz)

https://x.com/Bitrace_team/status/1935187982925123731

i feel like there must be some linguistic reason these Chinese organized crime crypto money laundering companies always use the word "guarantee" in their names.

* Elliptic report: https://www.elliptic.co/blog/xinbi-guarantee
* Wired article: https://www.wired.com/story/xinbi-guarantee-crypto-scam-hub/

Also worth noting that Jacob Silverman and James Block (Dirty Bubble Media) were reporting on some of these Colorado based crypto scam companies a year and a half ago: https://www.thenation.com/article/economy/rocky-mountain-lie/

good thing the US is gutting beneficial ownership regulations that would make it easier to understand who actually owns US trusts and corporations while simultaneously trashing both crypto enforcement at the DOJ but also more generally cyber defense

"The companies, Blocknovas LLC and Softglide LLC, were set up in the states of #NewMexico and New York using fake personas and addresses."

* Reuters: https://www.reuters.com/sustainability/boards-policy-regulation/north-korean-cyber-spies-created-us-firms-dupe-crypto-developers-2025-04-24/
* Technical details from Silent Push: https://www.silentpush.com/blog/contagious-interview-front-companies/

https://www.europesays.com/2024954/ North Korean hackers used fake crypto firms to deliver malware in job scams #AI #crypto #cryptocurrency #Lazarus #LazarusGroup #malware #NorthKorea #NorthKoreanHackers

https://www.europesays.com/2023902/ North Korean hackers set up fake firms in US to target cryptocurrency developers #AngeloperAgency #Blocknovas #crypto #cryptocurrency #Hacker #intelligence #LazarusGroup #malware #NorthKorea #NorthKorean #OfficeOfForeignAssetsControl #Pyongyang #ReconnaissanceGeneralBureau #SilentPush #Softglide #spy #UnitedNations

#LazarusGroup strikes South Korea—again.

6 major industries breached via watering hole attacks + zero-days in Cross EX & Innorix Agent.
Malware used: ThreatNeedle & more.
#CyberAlerts #Malware #SupplychainsAttacks
Supply chains are the target.
https://thehackernews.com/2025/04/lazarus-hits-6-south-korean-firms-via.html

1/ Deep dive case study of the kind of open source contributions and #GitHub astroturfing that North Korean hackers employ to try get jobs as devs at crypto companies, this time in an attempt to infiltrate #onlyDust.

tl;dr DPRK hackers use contributions to FOSS projects to build cred, after which, armed with AI video avatars, they try to leverage the cred into success in interviews for blockchain development jobs.

I've said it before but i'll say it again: the one real upside of crypto is that the industry draws close to 100% of the incoming fire from sophisticated #DPRK threat actors like Lazarus Group who would otherwise be hacking banks.

https://www.ketman.org/dprk-it-workers-in-freelance-platform-onlyDust.html

#ZachXBT is probably world's greatest crypto detective. He's pro-crypto but has busted a *ton* of frauds and scams.

Recently he's been working on tracking #NorthKorea's massive money laundering operation in the wake of the #Bybit hack and seems to have concluded that the entire crypto industry is fucked (which some of us have known all along).

* Telegram link: https://t.co/7Fi2sk1cqF

#NorthKorea confirmed to be active in the #memecoin markets (#PEPE is one of the bigger/more successful #memecoins). This is something I've always assumed but never seen fully confirmed.

American congressmembers like #MarkCollins are also active memecoin traders.

What could go wrong?
https://x.com/officer_cia/status/1900587377564766661

Six malicious packages have been identified on npm (Node package manager) linked to the notorious North Korean hacking group Lazarus. #LazarusGroup #CyberAlerts https://www.bleepingcomputer.com/news/security/north-korean-lazarus-hackers-infect-hundreds-via-npm-packages/

@snowgaze if you want to know more, I highly recommend this series! It's not only about the hackers, but also about the Korean society. I loved it!
#LazarusGroup #Hacking #NorthKorea #BBCPodcasts
https://www.bbc.co.uk/programmes/w13xtvg9/episodes/downloads

"incredible visualization of all the regions whose economies were transformed by crypto"
https://x.com/divine_economy/status/1842191514874646844

Fascinating! And
The Global Story: How North Korean hackers launched history's biggest heist
#LazarusGroup #Ethereum #Heist #Hacking #NorthKorea #CryptoHack #CryptoCurrency
https://www.bbc.co.uk/programmes/p0kwt2j3

#SafeWallet published the results of an investigation into #NorthKorea's theft of $1.4 billion worth of ethereum from #Bybit.

https://x.com/safe/status/1897663514975649938

#NorthKorea has finished laundering all of the $1.4 billion worth of crypto it stole from #Bybit into other tokens almost entirely through #ThorChain who made $5.5 million in fees on the laundering effort .

https://x.com/benbybit/status/1896798476945744010