‘You call Me Teacher and Lord, and rightly so, because I am.’
- Book of John, Chapter of Lazarus, V13:13
In 2007, the first domino in a series of strategized and executed attacks were launched against South Korean government databases and remote servers. The attack utilised first generation Malware, and went on to spark off future attacks on South Korean Organisations and American Corporations till 2013.
In 2013, a cyber-attack which was dubbed as ’10 Days of Rain’, ravaged South Korean institutions with the help of the WannaCry ransom-ware. The cybernetic onslaught ensued till the infamous DarkSeoul breach, where a defined ‘wiper attack’ decimated various South Korean broadcast networks, financial institutions and one ISP (Internet Service Provider). Speculation was thrown around! Who could have been behind such a devastating and planned digital infiltration? Local hacker-groups like the NewRomanic Cyber Army Team and the Whols Team were quick to rise above the noise and claim sole responsibility.
However, after carefully scrutinizing the source code and pattern of re-usage within the malware code, scientists have confirmed links to a diabolic and magnanimous group of cyber-terrorists, who still remain at large. The Lazarus Group.
The North Korean Cyber-Terrorist Organisation has its roots firmly planted in the annals of grand larceny. The troop has amassed over 1 Billion USD, through systematically infiltrating bank servers, and removing copious amounts from them. Some of the notable heists that they have pulled off include lifting 12 Million USD from the Banco del Austro in Ecuador, 60 Million USD off of the Far Eastern International Bank and a whopping 81 Million USD from Bangladesh Bank’s coffers.
Yet, their notoriety doesn’t pertain solely to monetary gains. The Lazarus Group was the sole perpetrator behind the infamous Sony Entertainment hack. The group gained access to a whole cache of unreleased films, corporate videos and all the personal details of around 4,000 Sony employees. But the most sensitive information that was procured and exposed to the public revolved around certain speculative procedures in Sony’s operations and ethics! This entire breach crippled Sony’s network for days.
And with computational efficiency, the group slipped back into obscurity!
Fast forwarding to 2018, the year is coming to an end, and the world of Blockchain Technology is on an economical high. The market is moving towards its projected 1 Trillion USD market-cap. Digital exchange Coinbase raised 300 Million in its Series E funding, taking it to the 1 Billion USD evaluation mark. The market is in bliss and as promising as ever.
However amidst the bonhomie, embezzlement scams and frivolous ICOs have started to erupt across every corner of the globe. And the hounds were quick to sniff it out.
The Lazarus Group infiltrated 14 digital exchanges over the last 18 months, and siphoned off over 571 Million USD worth of cryptocurrencies. But analysts and researchers say this number is grossly misrepresented, as there were other thefts worth over 500 Million USD that haven’t been tied back to the North Korean Cyber-Terrorists.
Over the last 2 years, close to 882 Million USD worth of digital assets were pulled out of Crypto-Exchanges through these hacks. So the Lazarus Group accounts for 65% of the global statistic. The cluster have also targeted relatively newer ICOs who have raised certain monetary sums in their respective rounds of funding.
In an exclusive with Business Insider, Senior Analyst for McAfee, Ryan Sherstobitoff, stated that “It’s becoming more organized than when they [Lazarus] first started targeting cryptocurrencies. They’re now finding ways so that they can send it out to 300 organizations and hit two percent of them successfully.”
The pack have deigned a spear phishing campaign, which is designed to target active job-seekers in the market. A document that poses as a job application for the position of a bank executive in Hong Kong contained the malicious malware. And unsuspecting users were tricked into enabling it through a push notification. The malware then scans the system for crypto-wallets, and removes portions off of it, or the entire wallet as a whole.
This has drawn serious concern over safety protocols that are employed across digital wallets and ICOs. Another blaring question is that if cryptocurrencies’ main agenda is to wipe out financial crimes and increase security in regard to monetary fulfillment, has this incident proved that no amount of security is enough to prevent detailed hacks and threats? All this at a time when new nations have started opening their doors to innovative technologies and futuristic inventions to help resolve these exact problems! The World AI Show and World Blockchain Summit, hosted by Trescon from the 28th – 30th of November in Port Louis, is a summit looking to open up the Mauritian economy to disruptive technology for economic betterment. The summit will also be featuring an array of internationally renowned speakers and innovators, as well as the Mauritian Prime Minister Mr Pravind Jugnauth.
This piece has been published exactly as submitted by the Trescon Global Team.