On March.25, 2019, DragaonEx took to Telegram and informed the users about the stealing attack, and also shared the addresses to which cryptocurrency transferred. They also requested the other fellow exchanges to block the accounts of the addresses’ owners. However, the phishing attack only managed to snatch little amount of money- almost $7 million.
Report by Chainalysis
The recently published report on the part of Chainalysis, blockchain analysis firm, comes up with some startling facts-also about the infamous group behind the DragonEx attack. The report claims that the Lazarus group had stolen the coins from the exchange as well as from users.
The most astonishing thing about the Lazarus group is its link with the North Korean government. It is said that the stolen funds are used for the weapon expansion by the North Korean government. And the targets of the hacker attacks are giant financial institutions and crypto exchanges.
The group- also labeled as Beta Group- used advanced tactics to steal the assets. Similarly, they also exploited these tactics to hack the Singapore-based crypto exchange. The cybercriminal syndicate designed a professional website with the eye-catching profiles of employees.
Phishing Attack via Trading Bot
The phishing group designed a trading bot that attracted the exchange staff as well as users. Whenever, an employee tried to open the bot file, the data with keys saved on the computer, directed to them. Similarly, when a user downloaded the file, the needed information, to access the asset funds, went into the hands of the Lazarus group.
Per the report:
‘’While the DragonEx hack was relatively small, it was notable for the lengths Lazarus Group went in order to infiltrate the exchange’s systems in a sophisticated phishing attack.’’
Lazarus group was also involved in the hacker attack of Sony Pictures in 2014 and WannaCry ransomware attacks in 2017. According to the report, published in October 2018, Beta Group had hacked crypto of worth, nearly, $570 million.