North Korea-backed hacker group Lazarus has been sending phishing emails to Japanese crypto exchange employees to infect their computers with malware, causing some companies to have their systems hacked and cryptocurrencies stolen, Japan’s National Police Agency announced last week.

See related article: DPRK hackers sneak US$52 mln in crypto into S.Korean exchanges: Chainalysis

Fast facts

  • The police also said Lazarus had reached out to employees through social networking sites to persuade them to download the malware.
  • The police and the Financial Services Agency of Japan asked local crypto businesses to remain vigilant for such attempts and to store their private keys offline in a joint statement.
  • The authorities, however, did not reveal details on which companies had been targeted or hacked as a result of these phishing attacks.
  • Although it was unusual for the authorities to publicly name the group before any actual arrest, they have made an exception to prevent future attacks, Yomiuri Shimbun reported.
  • The Lazarus Group, widely believed to be supported by the North Korean government, has been accused of hacking cryptocurrencies worth US$650 million from Sky Mavis’ Ronin Bridge and US$100 million from Harmony’s Horizon Bridge, among many others.

See related article: US$30 mln seized from North Korea hacking group: report