Lazarus Group News

News
North Korean workers have been infiltrating DeFi for 7 years: Researcher
Apr 06, 2026
by Martin Young
Security researcher Taylor Monahan listed at least 40 decentralized finance platforms she claims have been infiltrated by North Korean IT workers at some stage of their lives.
2079
News
Crypto attorney says Drift incident may qualify as ‘civil negligence’
Apr 05, 2026
by Vince Quill
The $280 million Drift Protocol attack was likely carried out by threat actors aligned with North Korea state-affiliated hackers.
1834
News
Bitrefill links Lazarus Group to employee laptop hack, stolen funds
Mar 18, 2026
by Brayden Lindrea
Bitrefill didn’t reveal how much money was drained in the March 1 incident but said it will absorb the losses using its operational capital.
2269
News
Google Cloud flags North Korea-linked crypto malware campaign
Feb 11, 2026
by Zoltan Vardai
Mandiant, which operates under Google Cloud, has tracked the suspected North Korean scammers since 2018, and AI has helped scale up malicious attacks since November 2025.
3802
News
Crypto hack counts fall but supply chain attacks reshape threat landscape
Dec 23, 2025
by Zoltan Vardai
Concerns about code vulnerabilities are fading in the crypto space, but more sophisticated scam tactics are emerging as protocol security improves.
4263
News
Spear phishing is North Korean hackers’ top tactic: How to stay safe
Dec 01, 2025
by Stephen Katte
New technologies, such as artificial intelligence, will only make bad actors more efficient and their attacks more sophisticated in 2026, cybersecurity company AhnLab predicts.
3575
News
Bybit hack: ‘Reckoning’ that led SafeWallet to rearchitect its systems
Nov 07, 2025
by Gareth Jenkinson
Ethereum smart account wallet platform SafeWallet has rearchitected its systems in the wake of the infamous $1.5 billion theft of ETH from Bybit.
3505
News
Balancer hack shows signs of months-long planning by skilled attacker
Nov 04, 2025
by Zoltan Vardai
The $116 million Balancer exploit appears to have been months in the making, with the attacker utilizing Tornado Cash and advanced methods to evade detection.
7657
News
What is EtherHiding? Google flags malware with crypto-stealing code in smart contracts
Oct 17, 2025
by Vince Quill
"EtherHiding" deploys in two phases by compromising a website, which then communicates with malicious code embedded in a smart contract.
6580
News
CZ’s Google account targeted by ‘government-backed’ hackers
Oct 10, 2025
by Zoltan Vardai
Changpeng Zhao’s warning highlights a resurgence of threats from state-backed hacking groups, such as the North Korean Lazarus Group.
6366
News
Crypto needs dual wallet management, AI monitoring of North Korean hackers
Sep 26, 2025
by Zoltan Vardai
AI threat detection and enhanced wallet management may save crypto firms from North Korean infiltrators, cybersecurity experts told Cointelegraph.
3266
News
Someone counter-hacked a North Korean IT worker: Here’s what they found
Aug 14, 2025
by Brayden Lindrea
A team of North Korean IT operatives behind 31 fake identities has been linked to the $680,000 hack of fan-token marketplace Favrr in June.
54860
News
CoinDCX announces white hat recovery bounty after $44M hack
Jul 21, 2025
by Zoltan Vardai
The Indian crypto exchange announced a recovery program of up to 25% for ethical hackers who can help recover the stolen stablecoins.
44835
News
Researchers foil $10M DeFi backdoor in thousands of smart contracts
Jul 10, 2025
by Ezra Reguerra
The Venn Network team suspects the threat was linked to the North Korean Lazarus Group, citing its complexity and widespread deployment.
5043
News
US sanctions North Korean tech worker crew over crypto thefts
Jul 09, 2025
by Stephen Katte
TRM Labs said North Korea is moving away from hacks to focus more on deception-based revenue generation, such as planting IT workers in US companies.
8997