Hackers attempted to breach the account of Binance co-founder Changpeng “CZ” Zhao, pointing to possible attacks by state-sponsored hacker groups such as North Korea’s Lazarus Group.
A Google alert shared by CZ indicated that “government-backed attackers” were trying to access Zhao’s Google password, which he suggested might be linked to another effort by North Korea’s Lazarus Group.
“I receive this Google warning sporadically. Does anyone have insights on this? North Korea Lazarus? Not like there’s anything crucial in my account,” Zhao remarked in a Friday X post.
The notorious North Korean Lazarus Group is a primary suspect behind some of the most catastrophic cryptocurrency breaches, including the $1.4 billion Bybit hack, the largest in the industry to date, which occurred on February 21.
U.S. intelligence reports shed light on a “sophisticated network of agents posing as remote IT workers, which has channeled significant funds back to Pyongyang,” Anndy Lian, an author and intergovernmental blockchain advisor, informed Cointelegraph, adding:
“I know a government official who received a similar prompt as CZ, indicating that his account was targeted by government-backed hackers trying to steal his password.”
“They sought to reach out to Google for further information but received no response for security reasons,” he mentioned.
Zhao raises concerns over increasing threat from North Korean impersonators
The attempted breach comes amid heightened threats from North Korean hackers, three weeks after Zhao warned of the escalating threat of North Korean hackers attempting to infiltrate crypto firms through job offers and bribery.
“They present themselves as job seekers to obtain positions within your company. This grants them a ‘foot in the door,’ especially for roles related to development, security, and finance,” Zhao elaborated in a September 18 X post.
Zhao’s alert was timely: a group of ethical hackers known as Security Alliance (SEAL) documented the profiles of at least 60 North Korean agents masquerading as IT professionals under false identities, looking to penetrate U.S. crypto exchanges and obtain sensitive user information.
Coinbase faced a data breach in May that compromised sensitive details from less than 1% of the exchange’s active monthly users.
The breach could cost the exchange up to $400 million in reimbursements, as reported by Cointelegraph on May 15.
Subsequently, in June, four North Korean operatives infiltrated several crypto firms as freelance developers, collectively stealing $900,000 from these startups.
In 2024, North Korean hackers stole over $1.34 billion worth of digital assets across 47 incidents, a staggering 102% increase from the $660 million taken in 2023, according to data from Chainalysis.
Cybersecurity experts recommend that cryptocurrency companies bolster their security measures against these intruders by adopting dual wallet management and real-time artificial intelligence threat monitoring.
