Kaspersky Lab announced that the North Korean hacking group ‘BlueNoroff’ stole millions of dollars in cryptocurrencies after creating more than 70 fake domains and impersonating banks and venture capital firms.

BlueNoroff—the name given by security researchers to a group linked with North Korean state-sponsored hacking collective Lazarus Group—has expanded its criminal activities to include posing as venture capitalists looking to invest in crypto startups.

Hackers linked to North Korea’s Lazarus Group are reportedly behind a massive phishing campaign targeting non-fungible token (NFT) investors — utilizing nearly 500 phishing domains to dupe victims. Blockchain security firm SlowMist released a report on Dec. 24, revealing the tactics that North Korean Advanced Persistent Threat (APT) groups have used to part NFT investors from their NFTs, including decoy websites disguised as a variety of NFT-related platforms and projects. (Cointelegraph)

According to a new press report published by South Korea's National Intelligence Service (NIS), North Korean hackers have stolen more than 800 billion Korean won ($620 million) worth of cryptocurrencies from decentralized finance, or DeFi, platforms this year. The agency also revealed it blocked a daily average of 1.18 million attacks perpetrated by national and international hacking organizations in November. 

The Lazarus group, a North Korean hacking organization previously linked to criminal activity, has been connected to a new attack scheme to breach systems and steal cryptocurrency from third parties. The campaign, which uses a modified version of an already existing malware product called Applejeus, uses a crypto site and even documents to gain access to systems.