The Lazarus Group, a North Korea-affiliated hacker collective, has been moving crypto assets through mixers following a series of high-profile hacks.
On March 13, blockchain security firm CertiK alerted its followers on X that it had identified a deposit of 400 Ether (ETH), worth about $750,000, into the Tornado Cash mixing service.
“The fund is attributed to the Lazarus Group’s activity on the Bitcoin network,” the company stated.
The North Korean hacker group was responsible for the massive Bybit exchange hack, in which $1.4 billion in crypto assets was stolen on February 21.
It has also been linked to the hack of the Phemex exchange, worth $29 million, in January, and has been laundering the assets since then.
Lazarus Group crypto asset movements. Source: CertiK
Lazarus has also been linked to some of the most notorious crypto hacking incidents, including the $600 million Ronin network hack in 2022.
According to Chainalysis data, in 2024 North Korean hackers stole more than $1.3 billion in crypto assets across 47 incidents, an increase over the thefts of 2023.
New Lazarus malware detected
According to researchers at the cybersecurity firm Socket, the Lazarus Group has deployed six new malicious packages designed to infiltrate developer environments, steal credentials, extract cryptocurrency data and install a backdoor.
The campaign targets the Node Package Manager (NPM) ecosystem, which is a huge collection of JavaScript packages and libraries.
Researchers discovered malware called “BeaverTail” embedded in packages that mimic legitimate libraries using typosquatting tactics, methods used to deceive developers.
“In all these packages, Lazarus uses names that closely mimic legitimate and widely trusted libraries,” they added.
The malware also targets crypto wallets, specifically Solana and Exodus wallets.
Code showing attacks on Solana wallets. Source: Socket
The attack also targets files in the Google Chrome, Brave and Firefox browsers, as well as keychain data on macOS, and is aimed specifically at developers who might unknowingly install the malicious packages.
Researchers noted that attributing this attack definitively to Lazarus is difficult. However, “the tactics, techniques and procedures observed in this NPM attack closely align with Lazarus’s known operations.”