#lazarusgroup — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #lazarusgroup, aggregated by home.social.
-
Banking Trojan Targets Crypto Firms with Sophisticated Attacks
A new banking Trojan, dubbed TCLBanker, is wreaking havoc on crypto and finance platforms, allowing hackers to remotely control infected systems and steal sensitive info. This sophisticated attack, linked to North Korea's notorious Lazarus Group, has already led to the largest crypto platform hack of 2026.
#Tclbanker #BankingTrojan #LazarusGroup #NorthKorea #CryptoFirms
-
North Korea stole 76% of all cryptocurrency hacked in 2026: two attacks, $577 million, and a cyber-funded war machine
With just two operations in the first four months of 2026, North Korean hackers stole $577 million in cryptocurrency, 76% of all global crypto thefts. TRM Labs documents how Pyongyang has turned DeFi crime into the financial engine of its nuclear program.
-
i suspect #northkorea has figured out how to use AI for #cybersecurity purposes
#crypto #DPRK #infosec #threatintel #cryptocurrency #lazarusGroup #defi
-
in the future of finance your parents' retirement savings will be able to go directly to #northkorea instead of having to make pitstops in #cambodia and #palau
https://x.com/0x_Abdul/status/2049830893209190681
#crypto #defi #cryptocurrency #bitcoin #solana #ethereum #corruption #DPRK #LazarusGroup #infosec #cybersecurity #threatintel #economics #sanctions #futureoffinance
-
BlueNoroff and the fake Zoom meetings: how North Korea uses AI and deepfakes to drain CEOs' crypto wallets
The North Korean group BlueNoroff has refined a multi-stage attack that combines deepfakes generated with ChatGPT, fake Zoom video calls and ClickFix techniques to compromise Web3 executives in under five minutes. Arctic Wolf documents the self-feeding deepfake production pipeline, which starts from footage stolen from previous victims.
-
Crypto-Targeting North Koreans Wield Fake Zoom Meetings https://www.byteseu.com/1970418/ #APT38 #BlueNoroff #CageyChameleon #Conflicts #cybersecurity #DPRK #InformationSecurity #LazarusGroup #NickelGladstone #NorthKorea #Pyongyang #SapphireSleet #StardustChollima #TA444
-
Contagious Interview becomes a worm: Void Dokkaebi turns 750 repositories into self-propagating vectors against developers
The North Korean APT group Void Dokkaebi (Famous Chollima) has turned its fake job offers into a supply-chain attack capable of propagating automatically: simply opening a cloned repository in VS Code is enough to trigger payloads hidden in manipulated commits. In March 2026, Trend Micro mapped more than 750 infected repositories, 500 malicious task.json files and C2 staging on Tron, Aptos and Binance Smart Chain.
-
North Korea’s Lazarus suspected of stealing US$290 million in KelpDAO cyberattack https://www.byteseu.com/1954386/ #BlockchainTechnology #Coindesk #Crypto #CryptoCurrency #DeFi #DPRK #Ethereum #HenriArslanian #KelpDAO #LayerZero #LazarusGroup #NineBlocksCapitalManagement #NorthKorea #UNPanel #UnitedNations #UnitedStates
-
Lazarus Group Targets KelpDAO in $290m Crypto Heist
In a shocking crypto heist, North Korea's notorious Lazarus Group is accused of swiping $290 million from KelpDAO, raising questions about accountability in the digital age. This brazen theft is a stark reminder of the threats lurking in the shadows of the cryptocurrency world.
#LazarusGroup #NorthKorea #CryptoHeist #290mCryptoTheft #Kelpdao
-
KelpDAO suffered a staggering $290 million loss to the Lazarus Group, revealing a new frontier in DeFi attacks. This wasn't a smart contract vulnerability, but an infrastructure exploit targeting LayerZero's DVN due to KelpDAO's 1/1 verifier setup. The incident highlights how architectural choices, not just code, are now prime targets for state-sponsored hackers.
#technology #kelpdao #lazarusgroup
🤖 This post was AI-generated.
-
2/ so far the #KelpDAO / #Layer0 hack (tentatively attributed to #NorthKorea) has led to a quarter of all money being drained from #Aave and massive withdrawals across the entire #defi ecosystem.
https://protos.com/defi-sector-in-14b-meltdown-as-290m-rseth-hack-fallout-burns-aave/
#crypto #cryptocurrency #DPRK #LazarusGroup #TraderTraitor #infosec #cybersecurity
-
@jbz time to thank your nearest crypto bro for drawing all the truly scary incoming fire from #DPRK and #LazarusGroup etc.
-
another day, another $300 million #crypto hack (probably directly into #NorthKorea's nuclear weapons coffers). this time it's something called #KelpDAO.
There's a few interesting parts here:
1. KelpDAO operates through #Aave, the biggest / most important lender in "decentralized finance" (#defi) and the way the hack was pulled off managed to stick Aave with almost $300 million in bad debt (in the form of a bunch of fake #rsETH tokens, a "liquid staking token" for #ETH that i'm only going to explain if someone actually is interested and asks in the comments)
2. as a result there's a stampede to get money out of Aave. not quite a full run on the bank bc that's not really possible w/the way Aave works, but directionally similar
3. the founder of Aave mocked #DriftProtocol for being hacked for a similar amount two weeks ago as "not defi". this complicates the solution here, which is for Aave to step in and rewrite the decentralized protocol to socialize the losses onto users.
- explainer: https://x.com/ImperiumPaper/status/2045883103105737006
- bloomberg: https://www.bloomberg.com/news/articles/2026-04-19/crypto-hack-worth-290-million-triggers-defi-contagion-shock
#threatintel #cybersecurity #DPRK #LazarusGroup #ethereum #StaniKlechov #DAO #infosec
-
DPRK laptop farm dismantled: 9 years for Kejia Wang, more than 100 US companies infiltrated and ITAR code stolen from a defense contractor
The DOJ has handed down the first double-digit-year sentences to US facilitators of the North Korean 'IT worker' scheme. Kejia and Zhenxing Wang, sentenced to 9 years and to 7 years and 8 months, ran dozens of corporate laptops from New Jersey via KVM to mask DPRK technicians connected to more than 100 US companies, including Fortune 500 firms. The haul: 5 million for Pyongyang and ITAR-controlled source code stolen from a Californian military supplier.