Inside Lazarus Group: Analyzing North Korea's Most Infamous Crypto Hacks
Contents
Between 2021 and 2025, the Lazarus Group—a North Korean state-sponsored hacking organization—has stolen over $5 billion in cryptocurrency, significantly disrupting the Web3 ecosystem. Their attacks have targeted major platforms, including UpBit, KuCoin, Ronin Bridge, Atomic Wallet, and most recently, Bybit.
Who Is Lazarus Group?
The Lazarus Group is a notorious hacking group associated with North Korean military intelligence. They have executed high-profile cyber attacks and, in recent years, shifted their focus to the Web3 space. These attacks serve a dual purpose: disrupting foreign entities and generating revenue to support North Korea's regime, including its nuclear and missile programs.
The Lazarus Group is infamous and known by various names, including APT 38, Labyrinth Chollima, and HIDDEN COBRA.
Early Activities
Their early cyber activities set the stage for a later focus on cryptocurrency. Here is a brief outlook on their early hack history and evolution:
- Operation Flame (2007): One of their earliest known ops. It targeted South …
Who Is Lazarus Group?
The Lazarus Group is a notorious hacking group associated with North Korean military intelligence. They have executed high-profile cyber attacks and, in recent years, shifted their focus to the Web3 space. These attacks serve a dual purpose: disrupting foreign entities and generating revenue to support North Korea's regime, including its nuclear and missile programs.
The Lazarus Group is infamous and known by various names, including APT 38, Labyrinth Chollima, and HIDDEN COBRA.
Early Activities
Their early cyber activities set the stage for a later focus on cryptocurrency. Here is a brief outlook on their early hack history and evolution:
- Operation Flame (2007): One of their earliest known ops. It targeted South …