The Lazarus APT group, linked to North Korea, has reportedly stolen over $240 million worth of cryptocurrency since June 2023. Multiple businesses, including Atomic Wallet, CoinsPaid, Alphapo, and, have fallen victim to the group’s attacks. CoinEx, a global cryptocurrency exchange, is also suspected to have lost $31 million to Lazarus.

Researchers from blockchain cybersecurity firm Elliptic found that funds stolen from CoinEx were sent to an address used by Lazarus to launder funds stolen from The analysis suggests that Lazarus has shifted its focus from decentralized services to centralized ones. This change is likely due to increased security measures for decentralized finance platforms and the greater susceptibility of centralized exchanges to social engineering attacks.

In total, approximately $291.3 million has been lost due to private key breaches, with the and CoinEx exploits accounting for 78% of September’s losses. The Lazarus group’s modus operandi involves spear-phishing attacks targeting Web3 companies’ personnel to obtain sensitive credentials. Web3 employees are urged to be cautious of unsolicited job pitches with overly attractive compensation packages.


Full Stack Developer

About the Author

I’m passionate about web development and design in all its forms, helping small businesses build and improve their online presence. I spend a lot of time learning new techniques and actively helping other people learn web development through a variety of help groups and writing tutorials for my blog about advancements in web design and development.

View Articles