CertiK, a cybersecurity firm, has uncovered evidence linking the recent breaches at Atomic Wallet, Alphapo, CoinsPaid, Stake.com, and CoinEx to the notorious Lazarus Group. This revelation comes at a time when the digital community is grappling with a series of cyber attacks targeting major Web3 entities.
The Lazarus Group, believed to be supported by North Korea, has been causing havoc in the Web3 community for some time now. In 2022, they famously exploited the Ronin bridge, resulting in a staggering loss of $650 million. Since then, the group has been responsible for multiple cyber attacks throughout this year.
These attacks have collectively led to a total loss of $291.3 million for the Web3 community, accounting for 77.7% of all losses attributed to such breaches. The exploits of Stake.com and CoinEx alone contributed to 78% of the losses in September.
CertiK’s blockchain investigations have revealed a clear pattern connecting these breaches to the Lazarus Group. It appears that each attack exploited vulnerabilities unique to the protocols and systems of the affected entities. Additionally, the frequent compromise of private keys suggests potential prior breaches at these companies.
The implications of these findings have raised concerns about the preparedness of crypto entities against state-backed cyber adversaries. Decentralized platforms, known for their security and censorship resistance, are attractive targets for groups like Lazarus, who possess significant resources and motivation.
Leaders in the Web3 community are now calling for a coordinated global response to address this issue. Zhao Changpeng, CEO of Binance, emphasizes the urgent need for advanced security protocols and international cooperation. He states, “We are dealing with state-backed actors with vast resources. This is not just an industry concern, but a global security issue.”
The Lazarus Group’s strategy involves spear-phishing targeted at Web3 company personnel to steal sensitive credentials. As a result, employees in the Web3 industry are advised to exercise caution when receiving unsolicited job offers, especially those with excessively lucrative compensation packages.
For investors, the importance of self-custody of funds cannot be overstated. Safeguarding against the ripple effect of such breaches requires careful management of personal private keys.
It is clear that the Web3 community must remain vigilant in the face of these cyber threats. The need for advanced security measures and international collaboration has never been more pressing.
Sources:
– [CertiK](https://cryptopotato.com/north-korea-affiliated-lazarus-group-behind-coinex-hack-report/)
– [CertiK on Twitter](https://twitter.com/CertiKAlert/status/1702106802584752375)
– [CryptoPotato](https://cryptopotato.com/lazarus-group-spent-six-months-trying-to-penetrate-coinspaid-systems-for-weaknesses-report/)