North Korean Hackers Bait Crypto Users

Job seekers are being duped by a notorious North Korean cybercrime organization posing as a prominent cryptocurrency exchange in the United States.

As cryptocurrencies start to recover from their painful declines in 2022, notorious hacking organizations are coming out of the shadows: Lazarus Group is deceiving people through malware-based attacks while posing as the prominent cryptocurrency exchange Coinbase.

Hacks can occur due to vulnerabilities in the code of a particular cryptocurrency, or in the systems of exchanges or other platforms where the currency is stored or traded. Hackers may target individuals or organizations that hold significant amounts of a particular cryptocurrency. 

North Korea’s stance on crypto

North Korea has a complex relationship with cryptocurrencies and digital assets. The government has been known to mine and use cryptocurrencies to evade international sanctions and fund illegal activities. However, the use of cryptocurrency by individuals within the country is heavily restricted and can result in severe penalties, including imprisonment. In 2019, the government reportedly banned all foreign cryptocurrencies and ordered the shutdown of all domestic exchanges.

The use of cryptocurrency is considered a criminal offense in North Korea, and the government has been known to crack down on illegal mining operations. Despite these restrictions, reports suggest that cryptocurrency is still being used within the country for illicit activities, such as money laundering and the purchase of banned goods.

North Korea’s stance on cryptocurrencies appears to be one of strict control and regulation, with the government using it for its own purposes while cracking down on its use by citizens. It is important to note that information on North Korea is difficult to verify and the country is known for being secretive, so there may be more nuances to its stance on cryptocurrency than is currently known.

About Lazarus Group

Lazarus Group, also known as “Hidden Cobra,” is a cybercrime group that is believed to be based in North Korea. The group is known for its advanced cyber espionage and financially motivated attacks, such as the theft of millions of dollars from banks and cryptocurrency exchanges. The group has been active since at least 2009 and is considered one of the most sophisticated and dangerous cybercrime groups in the world.

The group has been linked to a number of high-profile attacks, including the Sony Pictures hack in 2014, the Bangladesh Bank heist in 2016, and the WannaCry ransomware attack in 2017. Lazarus Group has also been known to target financial institutions in other countries, including South Korea, Japan, and India.

It is widely believed that Lazarus Group is sponsored by the North Korean government. The group is known to have used infrastructure that is exclusively controlled by the North Korean government, and its activities align with the country’s goals. As mentioned, the group is known to have targeted banks and financial institutions, which could be an attempt to evade international sanctions and gain access to foreign currency. Additionally, the group has been observed operating during North Korean working hours, which is a further indication that it is operating from within the country.

Several cyber-security firms have published reports linking Lazarus Group to the North Korean government, based on technical evidence such as the use of similar tools, tactics, and procedures (TTPs) and infrastructure. The complexity of the attacks, the resources required to perform them, and the fact that the group has continued to operate despite international sanctions against North Korea also all indicate that the group is likely state-sponsored.

The attribution of cyber attacks can be complex, and some experts have cast doubt on the link between Lazarus Group and the North Korean government. Furthermore, some experts suggest that the Lazarus Group might be a group of hackers who operate independently but with the knowledge and support of the North Korean government.

Why is Lazarus Group breaking into people’s cryptocurrency accounts?

The group’s reasons for stealing crypto from people could be varied, but the most likely one is financial gain. Lazarus Group has been known to use a variety of tactics to steal cryptocurrency, including phishing campaigns, malware attacks, and hacking into exchanges and wallets. It has been known to target both individuals and organizations, and has been successful in stealing large amounts of cryptocurrency. As the value of cryptocurrency continues to rise, it is likely that the Lazarus Group and other cybercrime groups will continue to target it as a way to generate revenue.

To protect oneself from these kinds of attacks, it is recommended to use strong, unique passwords and two-factor authentication (2FA) for all online accounts, and to be cautious when opening emails or clicking on links from unknown sources. Keep your software and operating systems updated, and use reputable antivirus software to protect against malware.

In conclusion, protecting oneself from crypto hacks by black hat hackers such as the Lazarus Group requires a multi-layered approach that includes both technical and non-technical measures.

From a technical standpoint, use strong, unique passwords and two-factor authentication for all online accounts, keep software updated, and use reputable antivirus software to protect against malware. It is also important to be cautious when opening emails or clicking on links from unknown sources, and to avoid clicking on suspicious links or visiting suspicious websites. Additionally, it is important to use a hardware wallet to store one’s crypto, as it provides an additional layer of security, and to back up one’s wallet regularly.

From a non-technical standpoint, be vigilant, stay aware of the latest threats and tactics used by hackers, and be cautious when dealing with unknown parties. Additionally, it is important to use a reputable exchange or wallet service that has a good track record of security and has implemented measures to protect users’ assets.

Always remember that no security measure is foolproof, and that even the most diligent and cautious person can fall victim to a cyber attack. Therefore, it is important to have an incident response plan in place to minimize the damage in case of a successful attack.