Lazarus
Coverage of Lazarus in the Nexus archive.
- Thorchain "exploit" timeline
Thorchain has been hacked six times in five years, resulting in significant financial losses and compromised security. The hacks have occurred through different layers of the architecture, including smart contract bugs, validator software vulnerabilities, and social engineering attacks. The total loss or trapped funds amount to approximately $227 million.
- From hack to OP Stack: Ronin to migrate from gaming sidechain to Ethereum Layer 2 four years after Lazarus attack
Ronin is migrating from an Ethereum sidechain to an OP Stack Layer 2 on May 12. This migration occurs four years after the Lazarus hackers stole over $600M in crypto. The migration aims to enhance security and scalability.
- Tether froze $344M for Iran sanctions and nobody’s talking about what that means
Tether froze $344 million in USDT linked to Iran sanctions, highlighting stablecoins' role in enforcement. Crypto faced $606 million in hacks in April, with Drift Protocol and KelpDAO (both tied to Lazarus) accounting for 95% of losses. Institutional players like Grayscale and Bitmine staked $500 million in ETH.
- North Korea's Lazarus Targets macOS Users via ClickFix
North Korea's Lazarus hacking group is exploiting the ClickFix vulnerability to target macOS users, particularly Mac-centric organizations and high-value leaders, for initial access and data theft. The attack highlights ongoing cyber threats leveraging known vulnerabilities against specific platforms and targets.
- Lazarus-linked macOS malware hits crypto and fintech firms
Security researchers identified a new macOS malware called 'Mach-O Man' linked to the Lazarus hacking group, targeting cryptocurrency and fintech companies to steal credentials and infiltrate corporate systems.
- Lazarus-linked macOS malware hits crypto and fintech firms
Security researchers have linked a new macOS malware called 'Mach-O Man' to a Lazarus cyber campaign. The malware uses fake meeting invites and ClickFix prompts to steal credentials and access systems in crypto and fintech firms.
- LayerZero blames Kelp's setup for $290 million exploit, attributes it to North Korea's Lazarus
LayerZero attributed a $290 million exploit to a misconfigured Kelp Finance setup, claiming the attack was carried out by North Korea's Lazarus hacking group. The incident highlights vulnerabilities in blockchain infrastructure and state-sponsored cyber threats.
- LayerZero says North Korea’s Lazarus likely behind Kelp DAO exploit; blames single-point setup
LayerZero attributes the Kelp DAO exploit to North Korea's Lazarus group, citing a single-point setup vulnerability. The DeFi sector's total value locked dropped 7% to $86 billion in 24 hours.
- LayerZero blames Kelp's setup for $290 million exploit, attributes it to North Korea's Lazarus
LayerZero attributes a $290 million exploit to a misconfigured Kelp setup and links it to North Korea's Lazarus hacking group. The incident highlights vulnerabilities in blockchain infrastructure and geopolitical cybersecurity threats.