North Korean hacker group Lazarus is reportedly behind the DragonEx attack
- In March 2019, the hackers stole around $7 million in various cryptos from the DraginEx exchange.
- The group reportedly created a fake company and training bot to phish the exchange’s employees and access the funds.
According to Chainalysis reports, the North Korean hacking group called Lazarus has targeted many crypto exchanges last year. One of these attacks involved the hack of DragonEx exchange.
In March 2019, the hackers stole around $7 million in various cryptos from the exchange. Lazarus used a sophisticated phishing attack where they created a website and social media presence for a fake firm called WFC Proof. This supposed firm then created a realistic training bot, which was offered to the employees of DragonEx.
Although the software looked like a real training bot, it contained malware that could hijack the computer it infected. Later, the software was installed in a machine that had the private keys to DragonEx’s hot wallet. This enabled Lazarus to steal the funds. The hackers appeared to be well versed in cryptocurrencies and had issued an ironic warning asking people not to let anyone access personal private keys on the website.
Author
Rajarshi Mitra
Independent Analyst
Rajarshi entered the blockchain space in 2016. He is a blockchain researcher who has worked for Blockgeeks and has done research work for several ICOs. He gets regularly invited to give talks on the blockchain technology and cryptocurrencies.
