Bitget App
Trade smarter
Buy cryptoMarketsTradeFuturesCopyBotsEarn
North Korea’s Lazarus Group poses as Fenbushi executive: SlowMist

North Korea’s Lazarus Group poses as Fenbushi executive: SlowMist

The BlockThe Block2024/04/29 08:28
By:The Block

SlowMist’s information security chief alerted that a hacker from North Korea’s Lazarus Group is posing as an executive member of asset management firm Fenbushi Capital. Lazarus usually impersonates an investor to target prominent DeFi projects, SlowMist said.

North Korea’s Lazarus Group poses as Fenbushi executive: SlowMist image 0The North Korea-backed cyber-hacker entity Lazarus Group is targeting LinkedIn users by impersonating an executive member of Chinese blockchain asset management firm Fenbushi Capital, security firm SlowMist said Monday.

SlowMist’s chief information security officer posted a screenshot on X that shows the scam LinkedIn user under the name “Nevil Bolson” who claimed to be the founding partner at Fenbushi. The impostor’s profile picture was taken from real Fenbushi Capital partner Remington Ong, according to 23pds.

The Block confirmed that Lazarus Group’s fake LinkedIn user page remains live at publication time. “Looking for Software developers. Please reach out to me for more discussion,” the impostor posted on LinkedIn three weeks ago.

“Lazarus would use this impostor to chat privately with their targets on LinkedIn, chatting in the name of investment, and then would say, ‘let’s set up a meeting,’” 23pds told The Block. 

SlowMist said in a blog post that Lazarus targets prominent DeFi projects, which is one of the reasons the hacker group poses as a member of an investment company. After the hackers gain the victim’s trust, Lazarus inserts malicious links that pose as a meeting link or an events page, which will launch a phishing attack when clicked.

The SlowMist CISO told The Block that they identified “Nevil Bolson” as a part of Lazarus by comparing IP addresses on top of using the same attack strategy.

North Korea’s state-backed crypto hacker groups earned the country around 50% of its foreign currency, a large share of which was reportedly used for developing weapons of mass destruction, according to the UN Security Council.

About $1.7 billion worth of funds were stolen from the crypto space across 231 hacks, according to blockchain analytics firm Chainalysis.

0

Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.

PoolX: Locked for new tokens.
APR up to 10%. Always on, always get airdrop.
Lock now!