Hackers attempted to infiltrate the account of Binance co-founder Changpeng “CZ” Zhao, signaling potential attacks from state-backed hacker groups, such as the North Korean Lazarus Group.
“Government-backed attackers” were attempting to steal Zhao’s Google password, according to a Google warning shared by CZ, who suggested that it may be another attempt by North Korea’s Lazarus Group.
“I get this warning from Google once in a while. Does anyone know what this is? North Korea Lazarus? Not that I have anything important on my account,” said Zhao in a Friday X post.
The infamous North Korean Lazarus Group is the main suspect behind some of the most devastating cryptocurrency exploits, including the $1.4 billion Bybit hack, the industry’s largest to date, which occurred on Feb. 21.
US intelligence reports highlight a “sophisticated network of agents posing as remote IT workers, which has funneled significant funds back to Pyongyang,” Anndy Lian, author and intergovernmental blockchain adviser, told Cointelegraph, adding:
“I personally know that a government official who got a similar prompt as CZ, saying that his account is detected with government-backed hackers trying to steal his password.”
“They tried to contact Google for more information, but nothing was given due to security reasons,” he said.
Related: Bybit hackers may be behind Solana memecoin scams — ZachXBT
Zhao sounds alarm on growing threat of North Korean impersonators
The attempted breach follows a period of renewed threats from North Korean hackers. It comes three weeks after Zhao sounded the alarm on the growing threat of North Korean hackers seeking to infiltrate crypto companies through employment opportunities and bribes.
“They pose as job candidates to try to get jobs in your company. This gives them a “foot in the door,” specifically for employment opportunities related to development, security and finance, wrote Zhao in a Sept. 18 X post.
Zhao’s warning came as a group of ethical hackers called Security Alliance (SEAL) compiled the profiles of at least 60 North Korean agents posing as IT workers under fake names seeking to infiltrate US crypto exchanges and steal sensitive user data.
Related: Coinbase tightens workforce security after North Korea remote-worker threats
Coinbase suffered a data breach in May that exposed sensitive information from less than 1% of the exchange’s transacting monthly users.
The data breach may cost the exchange up to $400 million in reimbursement expenses, Cointelegraph reported on May 15.
Later in June, four North Korean operatives infiltrated multiple crypto firms as freelance developers, stealing a cumulative $900,000 from these startups.
Throughout 2024, North Korean hackers stole over $1.34 billion worth of digital assets across 47 incidents, a 102% increase from the $660 million stolen in 2023, according to Chainalysis data.
Cryptocurrency companies need to strengthen their security measures against these attackers by implementing dual wallet management and real-time artificial intelligence threat monitoring, according to cybersecurity experts.
Magazine: Thailand’s ‘Big Secret’ crypto hack, Chinese developer’s RWA tokens: Asia Express
