Cybercrime group Lazarus is likely behind the $30mln Bithumb hack

Lazarus, also known as HIDDEN COBRA, a purportedly North Korean group of attackers, was reported by Alien Vault experts to be responsible for the recent hack of the largest South Korean cryptocurrency trading platform. Bithumb’s files, created in Hangul Word Processor, a document editor popular among locals, contained malicious code to download the Manuscrypt malware.

According to South Korean reports, the breach started earlier in May, when malware samples were sent to cryptocurrency companies in the form of fake CVs. Although the hack seems very unusual compared with Lazarus’s previous attacks, the group is a likely suspect. Together with South Korean researchers, Alien Vault experts suggest the cybercriminals were targeting credentials in addition to delivering malware. That is why so many phishing domains were registered in the run-up to the event.

The South Korean Ministry of Science and Technology (MIC) says it investigated the security levels of twenty-one trading platforms between January and March of this year and confirmed that most of them had security vulnerabilities, namely insufficient network isolation, the absence of monitoring systems for abnormal or suspicious activities, and inadequate cryptographic key and password security management.

Bithumb is South Korea’s number one cryptocurrency exchange by Ethereum trading. It is the most trusted digital asset market in the country alongside UPbit, Coinone, and Korbit, but it has been hacked for the third time in 12 months. Even though the company launched a complimentary 10 000 ETH giveaway campaign for its users right after the attack, mainstream media outlets in South Korea have already claimed that hackers could breach local cryptocurrency exchanges with ease. According to local security experts, the attackers only need to allocate sufficient resources to the task.

In the case of Bithumb, Alien Vault analysts believe that, among other things, the Lazarus Group was aided by knowledge from previous hacks against banks. It is worth recalling that the attempted theft of $1bln from the Bank of Bangladesh, attacks against ATM networks, and the WannaCry and Sony Pictures breaches are all linked with HIDDEN COBRA.

Taking into account the gains available, it’s highly unlikely that the thefts by Lazarus will stop anytime soon.

Bithumb, the South Korean cryptocurrency exchange now ranked as the sixth-biggest trading venue in the world, urgently asked its customers not to deposit any funds into its hot wallets on the night of June 20, and it still asks users to refrain from making any deposits until a further announcement is released. In this announcement, the trading platform lays out that the hack resulted in 11 cryptocurrencies stolen, with 2,016 Bitcoin and 2,219 Ethereum taken.

Iuliia Sukhomlinova

A blockchain enthusiast and a content writer with a zest for technologies. My final goal is to help readers find what they need, understand what they find, and use what they understand appropriately.
