• About Us
  • Careers
  • Contact
No Result
View All Result
Sunday, June 1, 2025
DeFi Planet
  • News
    • People
    • Business
    • Crime
    • Regulation
    • Crypto
    • CBDC
  • Markets
    • Bitcoin
    • Ethereum
    • Stablecoins
    • Altcoins
    • Crypto ETFs
    • Memecoins
  • Policy
  • Articles
    • Press Releases
    • Opinion
    • Explainers
    • Guest Post
    • Sponsored
  • Directory
    • Companies
    • People
    • Products
    • Wallets
  • Multimedia
    • Videos
    • Podcasts
  • Learn
    • DeFi Basics
    • Tutorials
    • Reviews
    • Blockchain Fundamentals
  • Research
    • Case Studies
  • Explore
    • DeFi
    • Crypto Gaming
    • NFT
    • DAO
    • Metaverses
  • Jobs
  • Markets Pro
    • DeFi Planet Pro
    • Spend Crypto
    • Swap Crypto
    • Coin Prices
    • Crypto Exchanges
    • Crypto Analyzer
  • News
    • People
    • Business
    • Crime
    • Regulation
    • Crypto
    • CBDC
  • Markets
    • Bitcoin
    • Ethereum
    • Stablecoins
    • Altcoins
    • Crypto ETFs
    • Memecoins
  • Policy
  • Articles
    • Press Releases
    • Opinion
    • Explainers
    • Guest Post
    • Sponsored
  • Directory
    • Companies
    • People
    • Products
    • Wallets
  • Multimedia
    • Videos
    • Podcasts
  • Learn
    • DeFi Basics
    • Tutorials
    • Reviews
    • Blockchain Fundamentals
  • Research
    • Case Studies
  • Explore
    • DeFi
    • Crypto Gaming
    • NFT
    • DAO
    • Metaverses
  • Jobs
  • Markets Pro
    • DeFi Planet Pro
    • Spend Crypto
    • Swap Crypto
    • Coin Prices
    • Crypto Exchanges
    • Crypto Analyzer
No Result
View All Result
DeFi Planet
No Result
View All Result

Lazarus Group Deploys Malicious npm Packages to Steal Credentials and Crypto Data

12 March 2025
in Crypto, News
Reading Time: 3 mins read
109 4
Home News Crypto

North Korea’s state-backed hacking group, Lazarus, has launched a fresh supply chain attack, injecting six malicious npm packages designed to steal credentials and exfiltrate cryptocurrency data.

The campaign, uncovered by the Socket Research Team, leverages BeaverTail malware to infiltrate developers’ systems and extract sensitive information.

According to the researchers, the compromised packages—is-buffer-validator, yoojae-validator, event-handle-package, array-empty-validator, react-event-dependency, and auth-validator—were downloaded over 300 times before detection. These packages rely on typosquatting, mimicking legitimate libraries to trick developers into installing them. Once executed, they scan browser profiles from Chrome, Brave, and Firefox, as well as macOS keychain data, to harvest login credentials and cryptocurrency wallet details, particularly those related to Solana and Exodus wallets.

The stolen data is transmitted to a hardcoded command-and-control (C2) server at hxxp://172.86.84[.]38:1224/uploads, aligning with Lazarus’s known tactics of persistent access and data exfiltration. Kirill Boychenko, a threat intelligence analyst at Socket Security, emphasized that this attack follows Lazarus’s established pattern of leveraging multi-stage payloads to infiltrate systems and maintain access over time.

Lazarus has a history of exploiting supply chain vulnerabilities, previously targeting npm, GitHub, and PyPI to compromise networks. The group was recently linked to the $1.46 billion Bybit exchange hack in late February, which is considered one of the largest cryptocurrency thefts. Reports suggest the attack originated from a compromised computer at Safe, Bybit’s technology provider, allowing hackers to siphon funds. 

Bybit’s CEO, Ben Zhou, later revealed that 20% of the stolen assets had already become untraceable due to laundering via crypto-mixing services. Zhou noted that about 77% of the stolen assets remain traceable, but the laundered portion complicates recovery efforts. The attackers primarily utilized THORChain, a cross-chain liquidity protocol, to convert stolen Ethereum into Bitcoin. Zhou also revealed that 11 parties, including Mantle, ParaSwap, and blockchain investigator ZachXBT, have assisted in recovering some funds, with over $2.1 million in bounties paid out.

 

If you want to read more news articles like this, visit DeFi Planet and follow us on Twitter, LinkedIn, Facebook, Instagram, and CoinMarketCap Community.

“Take control of your crypto portfolio with MARKETS PRO, DeFi Planet’s suite of analytics tools.”

Don't miss out!

Subscribe To Our Newsletter

Receive top education news, lesson ideas, teaching tips and more!
Invalid email address
Give it a try. You can unsubscribe at any time.
Thanks for subscribing!
Tags: Lazarus GroupNorth Korea
Share66Tweet41Share12
Previous Post

Coinbase Secures Regulatory Approval to Re-Enter Indian Crypto Market

Next Post

SEC Acknowledges Nasdaq’s Proposal to List Grayscale Hedera Trust Shares

Favour Okosodo

Favour Okosodo

Experienced web content writer with a strong command of SEO, specializing in creating concise, engaging content that drives traffic and enhances conversions across diverse industries.

Related Posts

source: lemonde.fr
Crypto

Russian Couple Escapes Crypto Kidnapping, Triggers Global Manhunt

30 May 2025
source: pymnts.com
News

SEC Clarifies: Protocol Staking on Proof-of-Stake Blockchains Not a Security

30 May 2025
source: tokenpost.com
Bitcoin

Panama City Mayor Proposes Bitcoin Payments for Priority Panama Canal Passage

30 May 2025
source: cripto-valuta.net
News

Amboss Launches ‘Rails’ to Boost Bitcoin Yield and Lightning Network Efficiency

30 May 2025

Featured Posts

Assessing The Impact of China’s Crypto Crackdown

byOlajumoke Oyaleke
19 January 2025
0

Why Are We Trying to Make Bitcoin Like Ethereum? (And Why We Should Not)

byOlajumoke Oyalekeand1 others
3 January 2025
0

Global Crypto Taxation Trends: Supporting Growth or Hindering Innovation?

byOlajumoke Oyaleke
31 December 2024
0

The 10 Worst Crypto Mistakes And How To Avoid Them | DeFi Planet

The 10 Worst Crypto Mistakes And How To Avoid Them

byArjun Chand
26 August 2021
1

A Dive Into The Life Of Meme Coin, DogeCoin | DeFi Planet

From Comic Relief to Crypto Sensation: The Epic Evolution of Dogecoin

byRose Nnamdiand1 others
4 August 2021
0

Read More

Chain of Thoughts

Are Stablecoins Bank Deposits?

Are Stablecoins Bank Deposits?

byOlu Omoyele
31 May 2025
0

...

DAOs and the Coordination of Human Endeavour

DAOs and The Coordination of Human Endeavour

byOlu Omoyele
27 April 2025
0

...

Should DeFi Be Regulated?

Should DeFi Be Regulated?

byOlu Omoyele
27 March 2025
0

...

Is Tokenization All That It’s Cracked Up To Be?

Is Tokenization All That It’s Cracked Up To Be?

byOlu Omoyele
26 February 2025
0

...

Markets Update

Your Weekend Crypto Roundup | May 2025 (Week 5)

9 hours ago

Your Weekend Crypto Roundup | May 2025 (Week 4)

1 week ago

Your Weekend Crypto Roundup | May 2025 (Week 3)

2 weeks ago

Your Weekend Crypto Roundup | May 2025 (Week 2)

3 weeks ago

Your Weekend Crypto Roundup | May 2025 (Week 1)

4 weeks ago

Your Weekend Crypto Roundup | April 2025 (Week 4)

1 month ago
Read More

Events

Crypto Valley Conference
Crypto Valley Conference
5 Jun 25
Risch-Rotkreuz

Spotlight

All about Ethereum
All about Algorand
All about Bitcoin
All about Gora

Press Releases

Zircuit Enables Non-Custodial Wallet Top-Ups for Crypto.com Visa Cards

bychainwire
30 May 2025
0

Bet20 Launches Premium Casino Platform with Trusted Licensing, Instant Crypto Withdrawals, and Elite Gaming

bychainwire
29 May 2025
0

Reddio’s Exclusive Token Generation Event (TGE) and Alpha Trading on Binance Wallet – May 29, 2025

bychainwire
29 May 2025
0

Weed Launches Global Well-Being Platform Powered by AI

bychainwire
28 May 2025
0

Cache Wallet Begins Token Sale with Early Demand and Asset Recovery Breakthrough

bychainwire
27 May 2025
0

Read More

ADVERTISING

ABOUT

TEAM

CAREERS

CONTACT

TERMS & CONDITIONS

PRIVACY POLICY

© Copyright 2025 DeFi Planet

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Add New Playlist

No Result
View All Result
  • News
    • People
    • Business
    • Crime
    • Regulation
    • Crypto
    • CBDC
  • Markets
    • Bitcoin
    • Ethereum
    • Stablecoins
    • Altcoins
    • Crypto ETFs
    • Memecoins
  • Policy
  • Articles
    • Press Releases
    • Opinion
    • Explainers
    • Guest Post
    • Sponsored
  • Directory
    • Companies
    • People
    • Products
    • Wallets
  • Multimedia
    • Videos
    • Podcasts
  • Learn
    • DeFi Basics
    • Tutorials
    • Reviews
    • Blockchain Fundamentals
  • Research
    • Case Studies
  • Explore
    • DeFi
    • Crypto Gaming
    • NFT
    • DAO
    • Metaverses
  • Jobs
  • Markets Pro
    • DeFi Planet Pro
    • Spend Crypto
    • Swap Crypto
    • Coin Prices
    • Crypto Exchanges
    • Crypto Analyzer

© Copyright 2024 DeFi Planet   |   Terms & Conditions   |   Privacy Policy

-
00:00
00:00

Queue

Update Required Flash plugin
-
00:00
00:00