Anonymous Crypto Influencer Exposes Notorious Lazarus Group in Detailed Report
The Coinmarketcap Crypto Awards 2024, awarded anonymous Crypto Influencer ZachXBT the ‘Social Influencer to Watch’ award building credibility to the newly released investigation.
The investigation delves into exploits made by the Lazarus Group going as far back as 2020. He tracks the movement of the funds on the blockchain from the point of exploit to instances where they were converted to Fiat or frozen.
A look into the attacks
According to his investigation, the Lazarus Group used well-known yet sophisticated methods to exploit their victims. In ZachXBT’s words, the Lazarus Group is ‘financially motivated utilizing malware custom built for each target.’
ZachXBT compiled attacks from over 20 hacks, resulting in hundreds of millions of U.S. dollars laundered. Some victims included Coinberry, Unibright, Coinmetro, Nexus Mutual Founder, EasyFi, Bondly, MGNR, Polyplay, bZx, and Coinshift.
Most of the attacks were social engineered, with themes used for attack repeating over multiple victims. One method involved phishing emails that installed malicious software in victim computers.
Phishing email allegedly used by Lazarus Group.
Another social engineering attack involved chatting up team members before sending them a file that contained malicious software.
The attacks involved stealing private keys and using them to exploit vulnerable contracts.
Investigations
The Lazarus Group did not owe up to the attacks. ZachXBT used ingenuity to unravel the attacks and connect all of them to the group.
According to the investigation, the stolen funds were laundered through crypto-mixing services such as Tornado Cash. ZachXBT exposed how he navigated the mixing services to trace the movement of the funds.
After the exploits, some funds ended up in Binance crypto exchanges, Noones, and Paxful P2P exchanges, which were exchanged with Fiat. Some of the funds were also frozen.
Who is the Lazarus group?
The Lazarus Group is notorious for cyber attacks and crimes motivated by financial exploits. The groups’ misdealings can be traced as far back as 2009, with victims including Sony Pictures and Bangladesh Bank, and 2020 for Decentralized Finance (DeFi) protocols.
Who is ZachXBT?
ZachXBT is an anonymous blockchain analyst famous for exposing unethical practices and hacks on his X account.
His true identity remains unknown; however, a tweet he made on January 16, 2023, hinted at Zachary as his first name.
ZachXBT has over 570K followers on X. He also blogs some detailed investigations on mirror.xyz. Most of the pseudonym’s fame arises from his extensive on-chain analysis, which he details on X threads.
Read More
Anonymous Crypto Influencer Exposes Notorious Lazarus Group in Detailed Report
The Coinmarketcap Crypto Awards 2024, awarded anonymous Crypto Influencer ZachXBT the ‘Social Influencer to Watch’ award building credibility to the newly released investigation.
The investigation delves into exploits made by the Lazarus Group going as far back as 2020. He tracks the movement of the funds on the blockchain from the point of exploit to instances where they were converted to Fiat or frozen.
A look into the attacks
According to his investigation, the Lazarus Group used well-known yet sophisticated methods to exploit their victims. In ZachXBT’s words, the Lazarus Group is ‘financially motivated utilizing malware custom built for each target.’
ZachXBT compiled attacks from over 20 hacks, resulting in hundreds of millions of U.S. dollars laundered. Some victims included Coinberry, Unibright, Coinmetro, Nexus Mutual Founder, EasyFi, Bondly, MGNR, Polyplay, bZx, and Coinshift.
Most of the attacks were social engineered, with themes used for attack repeating over multiple victims. One method involved phishing emails that installed malicious software in victim computers.
Phishing email allegedly used by Lazarus Group.
Another social engineering attack involved chatting up team members before sending them a file that contained malicious software.
The attacks involved stealing private keys and using them to exploit vulnerable contracts.
Investigations
The Lazarus Group did not owe up to the attacks. ZachXBT used ingenuity to unravel the attacks and connect all of them to the group.
According to the investigation, the stolen funds were laundered through crypto-mixing services such as Tornado Cash. ZachXBT exposed how he navigated the mixing services to trace the movement of the funds.
After the exploits, some funds ended up in Binance crypto exchanges, Noones, and Paxful P2P exchanges, which were exchanged with Fiat. Some of the funds were also frozen.
Who is the Lazarus group?
The Lazarus Group is notorious for cyber attacks and crimes motivated by financial exploits. The groups’ misdealings can be traced as far back as 2009, with victims including Sony Pictures and Bangladesh Bank, and 2020 for Decentralized Finance (DeFi) protocols.
Who is ZachXBT?
ZachXBT is an anonymous blockchain analyst famous for exposing unethical practices and hacks on his X account.
His true identity remains unknown; however, a tweet he made on January 16, 2023, hinted at Zachary as his first name.
ZachXBT has over 570K followers on X. He also blogs some detailed investigations on mirror.xyz. Most of the pseudonym’s fame arises from his extensive on-chain analysis, which he details on X threads.
Read More