lazarusholic

Lazarus Group (APT38) Targets Crypto Sector with Sophisticated Phishing Campaign

2025-08-28, Kucoin
https://www.kucoin.com/zh-hant/blog/en-breaking-lazarus-group-apt38-targets-crypto-sector-with-sophisticated-phishing-campaign
#APT38 #CVE-2025-48384

Breaking: Lazarus Group (APT38) Targets Crypto Sector with Sophisticated Phishing Campaign
2025/08/28 18:00:03

Summary
KuCoin's security team has recently identified new phishing attack samples linked to the notorious Lazarus Group (APT38) — a state-sponsored hacking collective known for its financially motivated cyberattacks. Backed by significant government resources, this group remains one of the most active and dangerous threat actors in the world.

Who Are They Targeting?
Over the past decade, Lazarus Group has heavily focused on financial institutions and cryptocurrency-related businesses, employing a hybrid attack strategy—casting a wide net before zeroing in on high-value targets. Their tactics are highly adaptive, and they’ve even been caught targeting security researchers in the past to steal unreported vulnerabilities [1].

How Do They Operate?
The group employs multiple sophisticated attack vectors, including:
Spear-phishing - Fake job posts, impersonated emails, and social engineering
Watering hole attacks - Compromising frequently visited websites
Supply chain attacks - Planting malicious code in dev repositories (e.g., …