
Lazarus Group Sends 400 ETH to Tornado Cash


The Lazarus Group is laundering ETH while distributing new crypto-stealing malware that targets developers.

Lazarus Group Laundering Crypto Assets via Mixers Following High-Profile Hacks

On March 13, blockchain security firm CertiK alerted its X followers that it had detected a deposit of 400 ETH worth around $750,000 to the Tornado Cash mixing service.

“The fund traces to the Lazarus group’s activity on the Bitcoin network,” it noted.

The North Korean hacking group is known to be responsible for the massive Bybit exchange hack on February 21, which led to the theft of $1.4 billion in crypto assets.

Additionally, it is linked to the $29 million Phemex exchange hack in January, and has continued laundering assets since.

Lazarus has also been tied to some of the most notorious crypto hacking incidents, including the $600 million Ronin network hack in 2022.

According to Chainalysis data, North Korean hackers stole over $1.3 billion in crypto assets in 47 incidents in 2024, more than doubling thefts compared to 2023.

Lazarus Group Deploying New Malware Targeting Developer Environments

According to researchers at cybersecurity firm Socket, the Lazarus Group has distributed six new malicious packages designed to infiltrate developer environments, steal credentials, extract cryptocurrency data, and install backdoors.

The group targeted the Node Package Manager (npm) ecosystem, a large collection of JavaScript packages and libraries.

Researchers discovered malware called “BeaverTail” embedded in packages that mimic legitimate libraries, using typosquatting or other deceptive methods to trick developers.


“Across these packages, Lazarus uses names that closely mimic legitimate and widely trusted libraries,” they added.

The malware specifically targets Solana and Exodus wallets.

The attack goes after files in the Google Chrome, Brave, and Firefox browsers, as well as keychain data on macOS, and is aimed particularly at developers who may unknowingly install the malicious packages.

The researchers noted that while attributing the attack definitively to Lazarus is difficult, “the tactics, techniques, and procedures observed in this npm attack closely align with Lazarus’s known operations.”

