The analytical company Chainalysis conducted an investigation and found out that the hacking of the Singapore exchange DragonEx, with a high probability is the North Korean cybercrime organization Lazarus.
The hacker group Lazarus created a fictitious company that promoted an allegedly automated trading robot. A fake website and fake employees were used to implement the planned plans. They also contacted key DragonEx representatives.
DragonEx employees downloaded a trial version of the software offered to them and thus gave hackers access to their computers. As a result, approximately $7 million in bitcoins, riplas, litecoin and other cryptocurrencies were stolen from the exchange.
Representatives of Chainalysis note that the work done by hackers indicates their high level of training. They go beyond the traditional framework of sending emails and using small-scale phishing sites.
“The DragonEx hack suggests that hackers are deeply aware of the work of the cryptocurrency ecosystem. They know what they need to do to pass themselves off as full participants,” the company reports.
Analysts believe that Lazarus differs from other similar structures, since the main goal of the hacker group is financial gain from its activities. At the same time, other scammers are also trying to sow chaos in the process.
Earlier, Kaspersky Lab specialists have already told
about the methods that Lazarus uses to carry out successful attacks.