Executive Summary

The Lazarus Group, a North Korean-sponsored Advanced Persistent Threat (APT), is intensifying its cryptocurrency theft operations. This is evident in its USD $1.5 billion hack of Bybit exchange, the biggest such attack to date, in late February. The attack showcases increased sophistication, particularly in the laundering process pace. 

The Lazarus Group believed to have been in operation since at least 2010, creates for North Korea crucial revenue, likely used for its illicit weapons programs. The stolen amount is close to Pyongyang’s estimated yearly defence budget, showing that the regime is relying heavily on cybercrime for income.

The increasing difficulty law enforcement has in tracking cryptocurrency in situations like this most recent attack highlights a significant threat to global financial security. This threat is especially dire considering that nations are looking to incorporate cryptocurrency into state-level financial matters. For instance, US President Donald Trump on 06 March signed an executive order establishing that country’s first bitcoin strategic reserve. [source]

Images Sourced From: Office of the President of the Russian Federation, Bjørn Christian Tørrissen, Roman Harak