BitMEX Blocks Lazarus Phishing Attempt, Calls Tactics ‘Unsophisticated’

Summary

BitMEX thwarted a phishing attempt by the Lazarus Group, the threat actor tied to North Korea. A BitMEX employee was approached on LinkedIn with a proposal for a fake Web3 NFT collaboration; the aim was to get the employee to run a GitHub project containing malicious code. BitMEX's security team identified the threat quickly and traced it to known Lazarus infrastructure, including an IP address that geolocated to Jiaxing, China. BitMEX characterized the initial phishing tradecraft as unsophisticated, while noting that technical skill varies considerably across Lazarus subgroups: the initial approach relies on social engineering, but the techniques used once access is obtained are more advanced. In 2024, North Korean actors stole $1.34 billion in cryptocurrency, 61% of all crypto stolen that year. U.S. officials link these thefts to the funding of North Korea's weapons programs and say the proceeds may cover half of its missile development budget.
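The lure described above turns on one step: an employee cloning a "collaboration" repository and running it. A pre-execution audit of an untrusted checkout is the check a practitioner wants at that point. The script below is an added example, not BitMEX's tooling and not code from the incident; the detection rules are illustrative heuristics rather than a vendor signature set, and the sample repository it builds (the package name, file layout and encoded blob) is constructed for the demonstration. It flags the mechanisms such repositories commonly rely on for execution without the victim running anything explicitly: npm lifecycle hooks in package.json, VS Code tasks set to run on folder open, and source lines that feed decoded or remotely fetched data into an execution sink.

```python
"""Pre-execution audit of an untrusted repository (added example; constructed rules and sample data)."""
import json
import os
import re
import tempfile
from dataclasses import dataclass

# npm runs these script names automatically during `npm install`.
NPM_LIFECYCLE_HOOKS = {"preinstall", "install", "postinstall", "prepare", "prepack", "postpack"}

# Execution sinks and decode/obfuscation idioms; constructed heuristics, not exhaustive.
EXEC_SINK = re.compile(r"\b(eval|exec|execSync|spawn|spawnSync|Function)\s*\(")
DECODE_IDIOM = re.compile(r"\b(atob|Buffer\.from|b64decode|fromCharCode|unescape)\b|\\x[0-9a-fA-F]{2}")
REMOTE_URL = re.compile(r"https?://[^\s'\"]+")
LONG_BLOB = re.compile(r"['\"]([A-Za-z0-9+/]{200,}={0,2})['\"]")  # long base64-looking literal
SOURCE_EXT = {".js", ".mjs", ".cjs", ".ts", ".py", ".sh"}


@dataclass(frozen=True)
class Finding:
    path: str
    rule: str
    detail: str


def _load_json(text):
    try:
        return json.loads(text)
    except json.JSONDecodeError:
        return None


def scan_package_json(path, text):
    """Flag scripts that npm executes without the user invoking them."""
    data = _load_json(text)
    if not isinstance(data, dict):
        return [Finding(path, "unparseable-json", "manual review required")]
    scripts = data.get("scripts") or {}
    return [Finding(path, "npm-lifecycle-hook", f"{hook}: {scripts[hook]}")
            for hook in sorted(NPM_LIFECYCLE_HOOKS & set(scripts))]


def scan_vscode_tasks(path, text):
    """Flag tasks VS Code offers to run as soon as the folder is opened."""
    data = _load_json(text)
    if not isinstance(data, dict):
        return [Finding(path, "unparseable-json", "manual review required")]
    return [Finding(path, "vscode-auto-task", task.get("label", "?"))
            for task in data.get("tasks", [])
            if (task.get("runOptions") or {}).get("runOn") == "folderOpen"]


def scan_source(path, text):
    """Flag lines that execute decoded or remotely fetched content, and long encoded blobs."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if EXEC_SINK.search(line) and DECODE_IDIOM.search(line):
            findings.append(Finding(path, "exec-of-decoded-data", f"line {lineno}"))
        elif EXEC_SINK.search(line) and REMOTE_URL.search(line):
            findings.append(Finding(path, "exec-of-remote-content", f"line {lineno}"))
        if LONG_BLOB.search(line):
            findings.append(Finding(path, "long-encoded-blob", f"line {lineno}"))
    return findings


def audit_repo(root):
    """Walk a checkout and return all findings, skipping VCS and dependency directories."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        dirnames[:] = [d for d in dirnames if d not in {".git", "node_modules"}]
        for name in filenames:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            with open(full, encoding="utf-8", errors="replace") as fh:
                text = fh.read()
            if name == "package.json":
                findings += scan_package_json(rel, text)
            elif rel == ".vscode/tasks.json":
                findings += scan_vscode_tasks(rel, text)
            elif os.path.splitext(name)[1] in SOURCE_EXT:
                findings += scan_source(rel, text)
    return findings


def build_sample_repo(root):
    """Write a constructed lure repository for the demo; nothing here is from the incident."""
    files = {
        "package.json": json.dumps({"name": "nft-collab-demo",
                                    "scripts": {"postinstall": "node lib/init.js", "test": "jest"}}),
        "lib/init.js": 'const p = "' + "QUJD" * 60 + '";\n'
                       'eval(Buffer.from(p, "base64").toString());\n',
        "src/index.js": 'module.exports = () => "hello";\n',  # benign, must not be flagged
        ".vscode/tasks.json": json.dumps({"version": "2.0.0", "tasks": [
            {"label": "setup", "type": "shell", "command": "node lib/init.js",
             "runOptions": {"runOn": "folderOpen"}}]}),
    }
    for rel, content in files.items():
        full = os.path.join(root, rel)
        os.makedirs(os.path.dirname(full), exist_ok=True)
        with open(full, "w", encoding="utf-8") as fh:
            fh.write(content)


def audit_sample_repo():
    """Build the constructed repo in a temp dir and audit it."""
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_repo(tmp)
        return audit_repo(tmp)


if __name__ == "__main__":
    for f in audit_sample_repo():
        print(f"{f.rule:24} {f.path}: {f.detail}")
```

Run it against a real checkout with `audit_repo("/path/to/clone")` before any `npm install`, `pip install -e .` or "open in editor" step; a clean result does not prove the repository safe, but any hit on a repository received through an unsolicited business proposal should end the engagement rather than prompt a closer look on a workstation with access to production credentials.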