North Korean hackers stole cryptocurrencies worth $1.5 billion
According to the cryptocurrency exchange, hackers carried out the attack during a transfer of funds from the safest "cold wallet", which can only be accessed with two or more digital signatures. The attacker managed to alter the signing interface, so that the correct address was displayed during the transfer while the underlying logic by which the funds were sent between the parties had been changed. After the hackers withdrew the currency from the cold wallet, they sent it on to other addresses. Zhou noted that the attack concerned only one wallet and did not affect the functioning of the exchange.
Experts immediately pointed out that North Korean hackers from the Lazarus group, also known as APT38, Bluenoroff and Stardust Chollima, could be behind the theft. They managed to trace the source of the stolen funds to cryptocurrency wallets that had already been used in thefts from other exchanges. The Lazarus Group has been active since at least 2009, and since 2019 it has been subject to US sanctions. NCC Group experts suggested that all of the group's attacks were approved by the government of the Democratic People's Republic of Korea, because there is no free access to the Internet in the country.