BitMEX discovers cybersecurity lapses in North Korean hacker group
The BitMEX crypto exchange's security team identified operational security gaps within the Lazarus Group, a North Korean cybercrime network. A counter-operations probe revealed IP addresses, a database, and tracking algorithms used by the group. Researchers indicated that a hacker likely exposed their true IP address, which was traced to Jiaxing, China. Access was also gained to a Supabase database instance used by the group. The analysis showed a disparity between low-skill social engineering teams and high-tech hackers, suggesting the organization has fragmented into sub-groups with varying threat capabilities. Law enforcement agencies around the world are increasingly investigating DPRK-affiliated hackers, and the FBI has warned about social engineering scams targeting crypto users. The governments of Japan, the US, and South Korea have echoed these concerns, labeling the hacking activities as threats to financial systems. The threat posed by the Lazarus Group may be discussed at the next G7 Summit.