Hackers attempted to access the account of Binance co-founder Changpeng “CZ” Zhao, pointing to a possible attack by a state-sponsored hacker group such as North Korea’s Lazarus Group.
According to a Google alert shared by CZ, “government-backed attackers” were trying to obtain Zhao’s Google password, leading him to suspect another incident involving North Korea’s Lazarus Group.
“I receive this warning from Google occasionally. Does anyone know what this is? North Korea Lazarus? Not that I have anything significant on my account,” Zhao remarked in a Friday X post.
The notorious Lazarus Group from North Korea is believed to be behind some of the most catastrophic cryptocurrency breaches, including the $1.4 billion hack of Bybit, the largest in the industry to date, which occurred on February 21.
US intelligence reports emphasize a “sophisticated network of agents impersonating remote IT workers, which has rerouted substantial funds back to Pyongyang,” Anndy Lian, author and intergovernmental blockchain advisor, informed Cointelegraph, adding:
“I personally know of a government official who received a similar alert as CZ, indicating that government-backed hackers were attempting to steal his password.”
“They reached out to Google for additional information, but no details were provided due to security protocols,” he stated.
Zhao raises concerns over increasing North Korean impersonation threats
This attempted breach follows a resurgence of threats from North Korean hackers. It occurs three weeks after Zhao warned about the heightened risk of North Korean hackers trying to infiltrate crypto firms through job applications and bribery.
“They present themselves as potential employees to gain a ‘foot in the door,’ particularly for jobs in development, security, and finance,” Zhao wrote in a September 18 X post.
Zhao’s warning coincided with a revelation from a group of ethical hackers known as Security Alliance (SEAL), who identified at least 60 North Korean agents masquerading as IT professionals under fictitious identities, aiming to infiltrate US crypto exchanges and steal sensitive user information.
Coinbase experienced a data breach in May, compromising sensitive information from less than 1% of the exchange’s active monthly users.
The breach could potentially cost the exchange up to $400 million in reimbursement expenses, Cointelegraph reported on May 15.
In June, four North Korean operatives infiltrated several other crypto firms as freelance developers, collectively stealing $900,000 from these startups.
Throughout 2024, North Korean hackers seized over $1.34 billion worth of digital assets in 47 incidents, marking a 102% increase from the $660 million stolen in 2023, according to data from Chainalysis.
Experts in cybersecurity recommend that cryptocurrency companies bolster their security measures against these attackers by adopting dual wallet management and real-time artificial intelligence threat monitoring.