Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Laundering. Show all posts
North Korea Hackers
cyber attack Financial Exploit Laundering Lazarus Group Linkedin North Korea Hackers

North Korean Hackers Exploit LinkedIn in Targeted Attacks

 


The North Korean hacker group Lazarus has once again made headlines, this time for exploiting LinkedIn in their cyber operations. According to a report by blockchain security analytics firm SlowMist, Lazarus hackers are leveraging the professional networking platform to target unsuspecting users and pilfer their assets through malware attacks.


LinkedIn Used as a Trojan Horse

This involves Lazarus members masquerading as blockchain developers seeking employment opportunities in the cryptocurrency industry. By posing as job seekers, they lure in vulnerable targets, enticing them to share access to their code repositories under the guise of collaborative work. However, the innocuous-seeming code snippets provided by the hackers contain malicious elements designed to syphon off confidential information and assets from the victims' systems.


History of Innovation in Cybercrime

This tactic isn't new for Lazarus, as they previously employed a similar strategy in December 2023, posing as recruiters from Meta. Back then, they convinced victims to download malware-infected coding challenges, which, when executed, granted remote access to their computers.


Lazarus: A Cyber Threat

Lazarus has earned a notorious reputation in the cybersecurity realm since its emergence in 2009. The group is infamous for orchestrating some of the largest cryptocurrency heists, including the 2022 Ronin Bridge hack, which saw a staggering $625 million being stolen.


Laundering Techniques

Once they've plundered their ill-gotten gains, Lazarus employs sophisticated techniques, such as crypto mixing services, to launder the funds back to North Korea. Reports suggest these funds are funnelled into financing the country's military endeavors.


Industry Response and Countermeasures

In response to persistent cyber threats, crypto companies are advocating for heightened security measures and conducting awareness seminars to educate employees about potential risks. The industry's proactive stance has led to the implementation of robust security protocols and increased investment in cybersecurity to safeguard against data breaches and financial theft.


The recent exploits by Lazarus serve as a stark reminder of the ever-present dangers lurking in the digital realm. As cyber threats continue to expand, it's imperative for individuals and organisations alike to remain careful and adopt proactive measures to mitigate risks and be digitally secured.


By staying informed and proactive, investors, traders, and social media users can collectively work towards thwarting cyber threats and safeguarding digital assets in an increasingly interconnected world.


Read more »
TrendMicro
Bitcoin Canti Conti CorvusInsurance Cyber Crime Cybersecurity Darkweb DigitalCurrency Elliptic Extortion Garantex Hackers Laundering Ransomware TrendMicro

Researchers: 'Black Basta' Group Rakes in Over $100 Million

 

A cyber extortion group believed to be an offshoot of the infamous Russian Conti hacker organization has reportedly amassed over $100 million since its emergence last year, according to a report published on Wednesday by digital currency tracking service Elliptic and Corvus Insurance.

The group, known as "Black Basta," has allegedly extorted at least $107 million in bitcoin, with a significant portion of the laundered ransom payments flowing to the sanctioned Russian cryptocurrency exchange Garantex, as revealed in the joint report. Attempts to contact Black Basta through its dark web site were unsuccessful. Garantex, which faced U.S. Treasury sanctions in April of the previous year, expressed support for global initiatives combatting cybercrime and urged information-sharing regarding the hackers' finances, pledging to block suspicious funds.

Elliptic co-founder Tom Robinson characterized Black Basta's substantial earnings as making it "one of the most profitable ransomware strains of all time." The researchers arrived at this figure by identifying known ransom payments linked to the group, tracing the laundering of digital currency, and discovering additional payments.

Robert McArdle, a cybercrime expert from security firm TrendMicro not involved in the report, deemed the reported Black Basta figure "certainly in a believable range for their operations."

The Elliptic-Corvus report also presented evidence linking Black Basta to the now-defunct Russian group "Canti." Conti, formerly a prominent ransomware gang, gained notoriety for coercing victims through data encryption, ransom demands, and threats to publish stolen information. 

The report suggests that individuals from Conti, following the dismantling of its leak site after Russia's invasion of Ukraine and the subsequent posting of U.S. bounties on its leadership, may have reorganized and rebranded, with Black Basta potentially being a manifestation of this restructuring.

"Conti was perhaps the most successful ransomware gang we've seen," remarked Robinson. The recent findings indicate that some individuals responsible for Conti's success might be replicating it with the Black Basta ransomware, he added.
Read more »
Subscribe to: Posts (Atom)