Lazarus APT Jumps on ClickFix Bandwagon in Recent Attacks
The Lazarus Group, a North Korean state-sponsored cyber threat actor, has significantly escalated its activities in the cryptocurrency sector. Its tactics have evolved to include sophisticated supply chain attacks, social engineering schemes like the 'ClickFake Interview' campaign, and the deployment of advanced malware such as BeaverTail and GolangGhost. The group has successfully compromised major platforms, including Bybit in a record-breaking $1.5 billion theft, and has amassed a Bitcoin fortune estimated at $1.12 billion. Lazarus has expanded its focus from decentralized finance to centralized finance entities, targeting both technical and non-technical roles within the industry. The group's complex structure, now viewed as a network of specialized sub-groups, has complicated attribution efforts and necessitated refined cybersecurity strategies to combat its increasingly diverse and sophisticated attacks.