A cybersecurity company has uncovered hacker groups operating outside the DPRK

​Mandiant: North Korean hackers steal cryptocurrency for the country’s needs

26.03.2022 - 09:25


2 min

ybersecurity company has uncovered hacker groups operating outside the DPRK.

What’s new? North Korea hires hackers to finance government agencies through “crypto heists.” According to a report by cybersecurity company Mandiant, the hackers are operated by RGB, North Korea’s intelligence agency (analogous to the CIA). The “Lazarus” group (the term for Korean hackers) actually has multiple units, including outside the country, Mandiant claims.

Mandiant’s report

Who are Lazarus? The hackers associated with this group have been involved in hacks of crypto firms and traditional banks for several years. They were responsible for the 2016 Bangladesh bank heist and the SWIFT system’s hack. Most of these attacks have been successful, with hackers raising more than $400 million in 2021.

Source: Cryptoslate.com

Recent hacker activity. Lazarus exploited vulnerabilities in the Google Chrome browser between January and February 2022. Google’s Threat Analysis Group (TAG) reported that state-backed North Korean hackers used a “remote code execution vulnerability in Chrome” for phishing attacks. More than 340 people have been affected by the attackers.

TAG’s report


Vasiliy Smirnov Vasiliy Smirnov

Subscribe to Getblock Magazine and stay up to date with the latest news from the world of cryptocurrencies and the digital economy