Latest Threat Research: LetMeowIn – Analysis of a Credential Dumper

Get Informed


Lazarus Group Behind Crypto-currency Scam

North Korea has been held responsible for at least two crypto-currency scams that have been found this year. The two scams, Marine Coin and Interstellar Coin were found to be active within the last year, up until September. North Korea managed to steal money from users in the initial coin offering’s (ICO’s), when the user would  try to purchase the new coin. Millions of dollars were taken when the users thought they were purchasing the new cryptocurrency, but after buying it, they never received the coin. Marine Chain enabled the tokenization of maritime vessels and owners, and the website was a mirror of a site called “Ship-owner,” which does the same tokenization. The Marine Chain website was registered on four different IP addresses, but one was previously identified in another scam by Canada. It was later discovered that the IP address was linked to the Lazarus Group by Canada, which linked the group to the Marine Chain scam.

Analyst Notes

The Lazarus group has been behind a multitude of attacks on crypto-currency exchanges in the past years, but these attacks show how they are evolving and changing techniques for a higher monetary gain for North Korea.