Lazarus Group gained notoriety a decade ago when it was accused of hacking into Sony Pictures as revenge for The Interview, a film that mocked North Korean leader Kim Jong Un.
It was also allegedly behind the 2022 US$620 million heist of Ethereum and USD Coin from the Ronin Network in 2022, previously the biggest crypto theft in history.
And in December, the United States and Japan blamed it for the theft of cryptocurrency worth over US$300 million from the Japan-based exchange DMM Bitcoin.
North Korea’s cyber-warfare program dates back to at least the mid-1990s, and the country has been dubbed “the world’s most prolific cyber-thief” by a cybersecurity firm.
Pyongyang’s program has grown to a 6,000-strong cyber-warfare unit known as Bureau 121 that operates from several countries, according to a 2020 US military report.
A United Nations panel on North Korea’s evasion of sanctions last year estimated the nation has stolen more than US$3 billion in cryptocurrency since 2017.
Much of the hacking activity is reportedly directed by Pyongyang’s Reconnaissance General Bureau, its primary foreign intelligence agency.
Money stolen helps to fund the country’s nuclear weapons programme, the panel said.
