Daily Web3 Headlines You Need To Know

07 June | The Matrix In Real Life?

Lazarus Group & North Korea (Source: Cointelegraph)

🔥 News

#Reuters report says Lazarus Group used Binance to launder stolen funds

A new report from Reuters states that Binance was used to process transactions totaling at least $2.35 billion in illicit funds, including crypto stolen by the North Korean Lazarus group. Using only encrypted email addresses, the hackers opened at least two dozen anonymous accounts on Binance and used them to “convert the stolen funds and obscure the money trail,”…(read more)

#St. Louis Fed releases analysis of “Buy Eggs with Bitcoin”

According to the St. Louis Fed, a dozen Grade A eggs (12) will cost as little as $1.47 and as much as $2.52 from January 2021 to April 2022. The price of the same carton of eggs in Bitcoin ranges between 2829 and 6086 satoshis (Note: 1 million satoshis equals 0.01BTC), which is much more volatile than the dollar price…(read more)

#Indonesian crypto trading app Pintu scores $113M Series B

Launched in April 2022, Pintu bills itself as “Indonesia’s leading homegrown crypto assets platform.” This is the third round of funding the startup has landed in little over a year. The app also added additional payment channel integrations; Pintu Staking, which lets users stake their Pintu Token; and Pintu Earn, a product that enables them to earn an up to a 15% annual percentage yield (APY) on selected crypto assets which are paid hourly with no lock-up period…(read more)

#Bitcoin Ends Record-Long Losing Streak, BTC Inflows Grow, Ethereum Sees Outflows

As bitcoin (BTC) ended a 9-week-long losing streak on Sunday, when a green weekly candle finally appeared on the bitcoin chart. The positive weekly close kicked off a green start of the new week on Monday, with gains across the board in the crypto market…(read more)

#Shibarium may launch testnet in June

Community members have speculated that the Shibarium testnet, the second layer scaling solution for Shiba Inu (SHIB), may launch in June. SHIB lead developer Shytoshi Kusama recently posted a GIF on Twitter with the caption “laughter in Shibarium”, sparking this speculation…(read more)

#Discord of Boss Beauties is suspected to have been attacked

the Discord of Boss Beauties, an NFT series focusing on women’s empowerment, is suspected to have been attacked. The scam address 0x3538e35a031b1ad41cc6890749858841192eb7a5 is still frequently transferring in and out NFTs as of the time of writing, with a total of more than 40 NFTs…(read more)

🔍 Learn

在一众黑客组织当中,被各国政府列为头号关注对象的必定是Lazarus Group

Lazarus Group在各国的情报组织都有不同的代号,包括Hidden Cobra、Zinc、APT-C-2和Guardians of Peace等,为朝鲜最活跃的国家级APT(Advanced Persistent Threat,高级持续性威胁)组织,意味着该组织为国家政府支持的黑客团体,专注对特定目标进行长期的网络攻击。目前,Lazarus的主要目标为窃取资金,针对银行、比特币交易所等金融机构和个人实施定向攻击,为全球金融机构最大威胁之一,俨然成为了加密生态中最具破坏力的黑客组织。

Lazarus Group攻击地图(截至2017年,来源:Kaspersky Lab)

Lazarus Group是什么?成立于2007年,隶属于北韩人民军总参谋部侦查总局第三局旗下的110号研究中心,主要负责网络战。该组织旗下由两个部门,包括主要针对金融机构和加密货币交易所、且通过金融网络犯罪为国家谋取经济利益的BlueNorOff和以韩国的各个主要机构为目标的AndAriel。自2017年以来,该组织通过对加密行业进行攻击而至少获利10亿美元,并且通多各种网络协议将所有被盗的加密资产兑换成以太币和比特币后通过套现来进行洗钱活动。

Lazarus Group的常用犯罪手法?与钓鱼网站的手法类似,Lazarus Group最擅长通过潜入组织的内部聊天群,发送恶意文件伺机盗窃金融相关资料。2021年,谷歌安全团队发现Lazarus Group会长期潜伏在各大社交媒体平台上,并且伪装成加密行业或是互联网行业的专家,在得到平台上目标对象的信任后,就会假借研究漏洞的名义获得隐私和保密资料,且对其他研究人员发起“零日漏洞”(Zero-day)攻击。近来,更会伪装成求职人员,在通过面试正式入职后,通过内部网络发起攻击。

公开资料显示,Ronin Network加密货币盗窃案是迄今为止第二大网络盗窃案。在3月23日,Lazarus Group从 Ronin 跨链桥中窃取了173600以太币和2550万枚 USDC。虽然美国财政部通过制裁措施确保国家资助的集团无法兑现这些资金,但是Lazarus Group仍然可以通过一些不为人知的通道进行洗黑钱活动,防不胜防。

📃 More to learn

# A Look into the Lazarus Group’s Operations

Few cybercrime groups throughout history have had as much disruptive power and lasting impact as the Lazarus Group. Ever since their first attacks, which involved DDoS operations against various organizations across different industries, the group has managed to step up their attacks even further.

#North Korean hackers linked to $620 million Axie Infinity crypto heist

North Korea has long targeted cryptocurrency exchanges and sites amid crippling U.S. and international economic sanctions. But the Axie Infinity hack marks an incredibly lucrative haul for Pyongyang, which last year stole around $400 million in cryptocurrency

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store