Lazarus Group Continues Crypto Laundering Spree, Drops New Malware Strains

Vlad CONSTANTINESCU

March 14, 2025

After its high-profile heist on Bybit, North Korea-backed Lazarus Group has been spotted laundering funds on sanctioned mixers and spreading new strains of malware.

Lazarus Group’s crypto heist streak

Lazarus Group rose to infamy due to its predilection for high-profile crypto heists. Some of the cybercrime syndicate’s most notable campaigns include the $625 million Ronin network hack in 2022, KuCoin’s $280 million heist in 2020, and last month’s $1.5 billion theft from a Bybit hot wallet.

Despite the best efforts of authorities and other entities to stop it, Lazarus Group has already moved most of the stolen proceeds.

Stolen crypto moved through Tornado Cash mixer

Blockchain security firm CertiK recently announced on X that the group has been spotted moving 400 ETH (roughly $750,000) through the US-sanctioned Tornado Cash crypto mixer platform.

We have detected deposit of 400 ETH in Tornado.Cash on Ethereum from:
0xdB31a812261d599A3fAe74Ac44b1A2d4e5d00901
0xB23D61CeE73b455536EF8F8f8A5BadDf8D5af848.
The fund traces to the Lazarus group's activity on the Bitcoin network.

New malware strains used in campaigns

Aside from its relentless laundering, Lazarus Group has also been spotted dropping new malware strains in various campaigns, aiming to steal more cryptocurrency, achieve persistence with backdoors, and steal credentials.

As CoinTelegraph reported, the perpetrators have already deployed a strain dubbed “BeaverTail,” obfuscating it in packages that mimic legitimate libraries through typosquatting.

In other words, the group hides malicious code by using names resembling well-reputed, legitimate libraries.
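
Defenders can screen a project's dependency list for this kind of lookalike name before anything is installed. The check below is an added example, not code from the original reporting: it flags any dependency that is not on an allowlist but sits within one edit (including a swapped pair of letters or a changed separator) of a name that is. The allowlist and the sample dependency names are constructed for illustration and are not the package names used in the campaign.

```python
import re

# Assumption: the library names this project actually intends to depend on.
KNOWN_GOOD = {"axios", "ethers", "express", "lodash", "react", "web3"}

def normalize(name):
    """Fold case and separators so 'web-3' and 'web3' compare as equal."""
    return re.sub(r"[-_.]+", "", name.lower())

def edit_distance(a, b):
    """Optimal-string-alignment distance: insert, delete, substitute, or
    swap two adjacent characters, each counted as one edit."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cost = 0 if ca == cb else 1
            val = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost)
            # Adjacent transposition, e.g. 'axois' vs 'axios'.
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                val = min(val, prev2[j - 2] + 1)
            cur.append(val)
        prev2, prev = prev, cur
    return prev[-1]

def find_lookalikes(dependencies, known_good=KNOWN_GOOD, max_distance=1):
    """Map each suspicious dependency to the allowlisted name it resembles.
    Exact allowlist matches are trusted; names far from every allowlisted
    name are merely unknown and are not reported here."""
    findings = {}
    for dep in dependencies:
        if dep in known_good:
            continue
        for good in sorted(known_good):
            if edit_distance(normalize(dep), normalize(good)) <= max_distance:
                findings[dep] = good
                break
    return findings

if __name__ == "__main__":
    # Constructed sample, as if read from a manifest's dependency section.
    sample = ["lodash", "lodahs", "etherss", "web-3", "left-pad", "axois"]
    for dep, good in find_lookalikes(sample).items():
        print(f"REVIEW: '{dep}' resembles '{good}'")
```

A hit is a prompt for manual review of the package's publisher and history, since legitimate packages can also have similar names.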

Safeguarding against crypto scams and other threats

While crypto assets have paved the way for anonymous payments, investment opportunities and inflation protection, they have also piqued the interest of threat actors.

Although Lazarus Group exploited smart contract features in Bybit’s record heist, other malicious actors could use different techniques such as crypto scams against smaller targets like individual investors.

Understanding how scammers operate can improve your odds of keeping your crypto assets safe.

Dedicated software like Bitdefender Ultimate Security can also boost security by neutralizing viruses, worms, rootkits, Trojans, zero-day exploits, ransomware, spyware, and other digital threats.
