Trusted

Lazarus Group Strikes Again: New Crypto Phishing Scam Targets LinkedIn Users

2 mins
Updated by Harsh Notariya
Join our Trading Community on Telegram

In Brief

  • SlowMist reveals that Lazarus Group now uses LinkedIn, impersonating Fenbushi Capital's partner.
  • Lazarus Group was reported to pose as high-level executives and HR personnel to deceive its target.
  • Lazarus Group adapts tactics, now uses new methods and crypto mixers to launder stolen funds.
  • promo

Cybersecurity firm SlowMist has uncovered a sophisticated phishing operation by the Lazarus Group, a hacker collective allegedly based in North Korea, which involved impersonating a partner of Fenbushi Capital on LinkedIn.

This scheme aimed to exploit employee access and steal their valuable crypto assets.

Crypto Phishing Attacks Escalate as Lazarus Group Targets LinkedIn

Fenbushi Capital, a blockchain venture capitalist based in Shanghai since 2015, has been at the forefront of supporting innovative projects across continents. The firm’s name and reputation in reshaping industries like finance and healthcare made it an attractive front for bad actors.

According to SlowMist’s Chief Information Security Officer, who goes by the pseudonym 23pds, the Lazarus Group crafted false identities on LinkedIn, masquerading as Fenbushi Capital partners. They initiated contact with potential targets under the guise of investment opportunities or networking at conferences.

Read more: Crypto Scam Projects: How To Spot Fake Tokens

“Watch out for the Lazarus attack on the fake Fenbushi Capital on LinkedIn!” 23pds alerted.

Last week, SlowMist already made a similar alert. The company discovered that Lazarus Group currently targets individuals via LinkedIn to steal employee privileges or assets through malware.

The method of operation was systematically deceptive. First, the hackers approached high-level executives or HR personnel through LinkedIn. They pose as job seekers specialized in React or blockchain development.

They would then encourage the unsuspecting employees to view their coding repository and execute a code demonstrating their proficiency. However, this code was malicious, designed to compromise system security and facilitate unauthorized access.

This strategy was not Lazarus Group’s first venture using LinkedIn as a tool for its activities. In a notable incident from July 2023, a programmer at CoinsPaid in Estonia was duped into downloading a malicious file.

The event occurred during what was posed as a job interview over a video link. This lapse in security led to a devastating $37 million theft from CoinsPaid.

“The attack itself was very quick. They are professionals,” Pavel Kashuba, co-founder of CoinsPaid, remarked.

Further analysis by Chainalysis highlights that groups like Lazarus have adapted and refined their methods for laundering stolen funds. Following the takedown of popular mixers like Sinbad and the sanctioning of Tornado Cash, North Korean hackers have shifted to newer technologies.

They now use the Bitcoin-based mixer YoMix to obscure their transactions.

Read more: Top 7 Tornado Cash Alternatives in 2024

Lazarus Group's Newest Tactics using YoMix.io.
Lazarus Group’s Newest Tactics using YoMix.io. Source: Chainalysis

Using advanced laundering techniques such as chain hopping and cross-chain bridges, Lazarus Group has continued to enhance its strategies. They aim to evade detection and maximize the value extracted from illicit activities.

Top crypto projects in the US | November 2024
Coinbase Coinbase Explore
Coinrule Coinrule Explore
Uphold Uphold Explore
3Commas 3Commas Explore
Chain GPT Chain GPT Explore
Top crypto projects in the US | November 2024
Coinbase Coinbase Explore
Coinrule Coinrule Explore
Uphold Uphold Explore
3Commas 3Commas Explore
Chain GPT Chain GPT Explore
Top crypto projects in the US | November 2024

Disclaimer

In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and ConditionsPrivacy Policy, and Disclaimers have been updated.

Lynn-Wang.png
Lynn Wang
Lynn Wang is a seasoned journalist at BeInCrypto, covering a wide range of topics, including tokenized real-world assets (RWA), tokenization, artificial intelligence (AI), regulatory enforcement, and investments in the crypto industry. Previously, she led a team of content creators and journalists for BeInCrypto Indonesia, focusing on the adoption of cryptocurrencies and blockchain technology in the region, as well as regulatory developments. Prior to that, at Value Magazine, she covered...
READ FULL BIO
Sponsored
Sponsored