BitMEX discovers cybersecurity lapses in North Korea hacker group


The security team at crypto exchange BitMEX ran a counter-operation against a North Korean (DPRK) government-sponsored cybercrime network and found gaps in the group's operational security, which exposed IP addresses, a database and tracking algorithms used by the malicious group.

Security researchers for the exchange say there is a strong possibility that at least one hacker accidentally revealed their real IP address, which placed the hacker's actual location in Jiaxing, China.

Additionally, BitMEX researchers say they were able to gain access to an instance of a Supabase database used by the hacking group. Supabase is a platform for easily deploying databases with simple interfaces for applications.

The BitMEX security team stated that one of the hackers probably revealed his real IP address by mistake after failing to use the VPN regularly used to mask it. Source: BitMEX

According to the report, the analysis highlighted the gap between the group's low-skilled social engineering teams, which are meant to get victims to download malicious software, and the sophisticated code developed by its highly skilled hackers.

This asymmetry indicates that the North Korean state-backed hacking organization is divided into different subgroups with different skill levels that work together, the BitMEX team said.

Number of new malware infections due to Lazarus hackers during the observation period. Source: BitMEX

The report follows a series of high-profile hacks and social engineering scams against blockchain and tech companies that have been blamed on the Lazarus Group and other North Korean-affiliated agents.


Federal law enforcement agencies and governments sound alarm on the Lazarus Group

Federal law enforcement agencies and governments around the world are increasingly investigating the activities of DPRK-linked hackers and sounding the alarm about the common scam tactics these threat actors employ.

In September 2024, the United States Federal Bureau of Investigation (FBI) issued a warning about social engineering scams run by the DPRK-supported group, including phishing attempts that target crypto users with fake employment offers.

https://www.youtube.com/watch?v=NDV0RFEHETQ

The governments of Japan, the US and South Korea echoed the FBI's warning in January 2025 and characterized the hacking activity as a threat to the financial system.

A recent report by Bloomberg suggested that world leaders may discuss the threat of the Lazarus hacking group at the next G7 summit, along with strategies to reduce the damage done by the DPRK-affiliated organization.
