Lazarus Group News

News
Google Cloud flags North Korea-linked crypto malware campaign
Feb 11, 2026
by Zoltan Vardai
Mandiant, which operates under Google Cloud, has tracked the suspected North Korean scammers since 2018, and AI has helped scale up malicious attacks since November 2025.
2962
News
Crypto hack counts fall but supply chain attacks reshape threat landscape
Dec 23, 2025
by Zoltan Vardai
Concerns about code vulnerabilities are fading in the crypto space, but more sophisticated scam tactics are emerging as protocol security improves.
4209
News
Spear phishing is North Korean hackers’ top tactic: How to stay safe
Dec 01, 2025
by Stephen Katte
New technologies, such as artificial intelligence, will only make bad actors more efficient and their attacks more sophisticated in 2026, cybersecurity company AhnLab predicts.
3543
News
Bybit hack: ‘Reckoning’ that led SafeWallet to rearchitect its systems
Nov 07, 2025
by Gareth Jenkinson
Ethereum smart account wallet platform SafeWallet has rearchitected its systems in the wake of the infamous $1.5 billion theft of ETH from Bybit.
3478
News
Balancer hack shows signs of months-long planning by skilled attacker
Nov 04, 2025
by Zoltan Vardai
The $116 million Balancer exploit appears to have been months in the making, with the attacker utilizing Tornado Cash and advanced methods to evade detection.
7639
News
What is EtherHiding? Google flags malware with crypto-stealing code in smart contracts
Oct 17, 2025
by Vince Quill
"EtherHiding" deploys in two phases by compromising a website, which then communicates with malicious code embedded in a smart contract.
6556
News
CZ’s Google account targeted by ‘government-backed’ hackers
Oct 10, 2025
by Zoltan Vardai
Changpeng Zhao’s warning highlights a resurgence of threats from state-backed hacking groups, such as the North Korean Lazarus Group.
6332
News
Crypto needs dual wallet management, AI monitoring of North Korean hackers
Sep 26, 2025
by Zoltan Vardai
AI threat detection and enhanced wallet management may save crypto firms from North Korean infiltrators, cybersecurity experts told Cointelegraph.
3229
News
Someone counter-hacked a North Korean IT worker: Here’s what they found
Aug 14, 2025
by Brayden Lindrea
A team of North Korean IT operatives behind 31 fake identities has been linked to the $680,000 hack of fan-token marketplace Favrr in June.
54794
Explained
Why is India investigating Binance over crypto loopholes?
Jul 29, 2025
by Dilip Kumar Patairya
Binance face scrutiny as India investigates cross-border wallet flows and security risks. Globally, investigative agencies have been acting against illicit crypto funding.
Explained
How hackers stole $44M from CoinDCX without touching user wallets
Jul 24, 2025
by Marcel Deer
A $44-million breach at CoinDCX has rocked India’s CoinDCX exchange, exposing silent vulnerabilities, delayed disclosures and the fragile infrastructure.
Explained
Pro-Israel hackers took $81M in crypto — but it wasn’t about the money
Jul 21, 2025
by Ayse Karaman
A pro-Israel hacker group stole $81 million worth of crypto from Iran’s largest crypto exchange, Nobitex, adding to the conflict between the two countries.
News
CoinDCX announces white hat recovery bounty after $44M hack
Jul 21, 2025
by Zoltan Vardai
The Indian crypto exchange announced a recovery program of up to 25% for ethical hackers who can help recover the stolen stablecoins.
44814
News
Researchers foil $10M DeFi backdoor in thousands of smart contracts
Jul 10, 2025
by Ezra Reguerra
The Venn Network team suspects the threat was linked to the North Korean Lazarus Group, citing its complexity and widespread deployment.
5022
News
US sanctions North Korean tech worker crew over crypto thefts
Jul 09, 2025
by Stephen Katte
TRM Labs said North Korea is moving away from hacks to focus more on deception-based revenue generation, such as planting IT workers in US companies.
8974