Those in the crypto community have been forced to become familiar with the North Korean Lazarus Group, a syndicate that continues to wreak havoc by perpetrating cyber attacks in the ecosystem.
The syndicate has been associated with the major hacks and exploits recently and last week, they were reported to have stolen $340 million worth of cryptocurrencies so far in 2023 alone.
As they continue to grow into a global threat, it is important to understand the operations of Lazarus Group, know their operational tactics and devise means to avoid falling prey.
The Lazarus Group is a North Korean state-sponsored hacking group, known for its sophisticated attacks linked to various cyberattacks and cybercriminal activities. Last year, Lazarus Group was tied to a number of high-profile cryptocurrency hacks, including the theft of $620 million from Axie Infinity bridge Ronin.
Two weeks ago, the FBI attributed Lazarus Group to a $41 million hack of the crypto gambling site Stake, which was carried out through a spear-phishing campaign that targeted some of its employees. Also last week, blockchain security firm SlowMist said the $55 million hack crypto exchange CoinEx was carried out by the North Korean state-sponsored hackers.
Interestingly, what has been noticed about these attacks is that they involve social engineering and exploiting human error. In contrast to the expected pattern of hackers either gaining physical access to devices or brute forcing passwords, most hacks actually occur through phishing and social engineering.
The latest high profile to fall prey is tech billionaire Mark Cuban who lost almost a million dollars to crypto fraud, according to reports over the weekend. With how increasingly dangerous the trend is, we have come up with 3 simple guidelines to bolster the security of your digital assets substantially.
Two-factor authentication adds an extra layer of security by requiring not only a password but also something you possess, like your smartphone. When syndicates like Lazarus Group try to breach your defences, 2FA acts as an impenetrable barrier, making it exponentially harder for them to gain access.
Enabling 2FA on your crypto exchange accounts is straightforward. Just download an authenticator app (Google Authenticator is preferable), link it to your account, and that’s all.
With this added layer of protection, you can rest easy knowing that even if your password falls into the wrong hands, your assets remain out of reach.
Hardware wallet usage
Hardware wallets are physical devices that store your digital assets offline, rendering them impervious to online threats. By keeping your crypto away from the internet’s prying eyes, you eliminate the risk of remote hacks.
Hardware wallets are not directly connected to the internet, making them highly secure against online threats like phishing attacks or malware. They provide an extra layer of protection by keeping your private keys offline and away from potential hackers. One of the most popular hardware wallets is Enjin.
To use a hardware wallet, simply transfer your crypto holdings onto the device, and store it in a secure place. Accessing your funds when needed is straightforward, ensuring that you remain in control of your wealth without exposing it to danger.
Avoid clicking suspicious social media links
The Lazarus Group is known to lure victims through enticing links on social platforms. Therefore, it’s crucial to exercise caution when encountering suspicious links or offers.
Before clicking on any link, scrutinize it for authenticity. Look out for typos or unusual URLs. Verify the source and be sceptical of too-good-to-be-true deals. If in doubt, reach out to the sender through a different channel to confirm the link’s legitimacy.
Defending your cryptocurrency investments from the North Korean Lazarus Group syndicate need not be a Herculean task. Implementing 2FA, using hardware wallets, and maintaining vigilance on social media can fortify your defences and keep your digital assets secure.
Get the best of Africa’s daily tech to your inbox – first thing every morning.
Join the community now!