The expert discovered the user ‘Nevil Bolson’, allegedly a founding partner of the blockchain-focused Chinese asset management firm Fenbushi Capital. The attackers stole a photo from the page of a real company representative, Remington Ong. The faked profile was linked to the Lazarus Group thanks to matching IP addresses and a typical attack strategy.
According to a U.N. Security Council report, North Korean hackers often use phishing with social engineering techniques. Combined with the extensive technical data of the company’s computer system and the vulnerabilities present, the group finds an opportunity to compromise private keys. One of the Lazarus Group’s latest conquests was the gaming platform Munchables.
Crypto expert ZachXBT claims that, between 2020 and 2023, Lazarus Group laundered $200 million through more than 25 crypto-to-fiat hacks. However, $374,000 of the stolen money was frozen in November 2023, and an undisclosed amount was frozen on centralized exchanges in the fourth quarter of 2023.