Japan has a field day with the crypto space in the preceding twenty-four hours. Lazarus, a North Korean hacking group, has been identified by Japan’s national police as the group responsible for years of crypto-related cyber-attacks. According to a joint statement issued by the local police and the Financial Services Agency of Japan, the hacker gang specializes in phishing and social engineering.
Consequently, Japan’s government has adopted a cabinet decision to change current legislation in an effort to combat money laundering through crypto. According to local news accounts, the nation has accounted for crypto hacking in various ways.
Japan claims Lazarus hackers group is targeting crypto firms
Japan’s National Police Agency (NPA) and Financial Services Agency (FSA) issued a warning to the nation’s crypto-asset enterprises in a public advisory statement. These entities recommended vigilance against “phishing” operations conducted by the hacking group in an attempt to steal crypto assets.
The Lazarus group has become the most infamous hacker organization, wreaking havoc in the crypto and traditional financial industries. Reportedly, the state-sponsored hacking gang is using the stolen funds to fund North Korean nuclear and ballistic missile projects.
The advisory statement is referred to as the “public attribution.” According to local reports, this is the fifth time the government has issued such a warning throughout history. The statement warns that the hacking group employs social engineering to conduct phishing attacks by impersonating executives of a target company in an attempt to lure employees into clicking malicious links or attachments.
The joint statement also included some general security advice, advising potential victims to store their private keys offline and to exercise caution when opening emails or hyperlinks. The NPA confirmed that several of the attacks were successful. However, NPA did not disclose details or the amounts stolen.
In order to prevent the possibility of a breach, the agency withholds information prior to an arrest. The Japanese government is not the only entity pursuing the famed cyber group. In April this year, the United States FBI discovered the group’s involvement in a case involving approximately $78 billion of stolen crypto assets.
Lazarus Group moves to the crypto industry
Lazarus Group purportedly has ties to North Korea’s Reconnaissance General Bureau, a government-sponsored foreign intelligence organization. They are suspected of being the March hackers responsible for the $650 million Ronin Bridge exploit. In addition, they were listed as suspects in the $100 million layer-1 blockchain Harmony hack.
Lazarus is accountable for several significant hacks outside of the blockchain field. They include the WannaCry ransomware attack of 2017, the Sony Pictures hack of 2014, and a series of cyber-attacks on pharmaceutical businesses in 2020, notably AstraZeneca, the creators of the COVID-19 vaccine.
This year, Lazarus also began stealing nine-digit crypto values. The attack in June targeted the Horizon bridge, a cross-chain bridge that connects Harmony to Ethereum, Binance Chain, and Bitcoin. Elliptic’s analysis at the time revealed that parallels between the two cross-chain bridge attacks strongly suggest Lazarus’ involvement.
Lazarus has also targeted cryptocurrency exchanges with fictitious job postings this year, including malicious links and PDFs.
In August, researchers at ESET Labs identified a bogus Coinbase job posting that was a Trojan horse planted by the gang. Lazarus reprised the attack with phony Crypto.com job postings last month. The documented usage by the Lazarus Group of Tornado Cash qualified the U.S. government to sanction it.
Japanese government goes tough on money laundering
According to local news sources, the Japanese government has approved a cabinet decision to alter existing legislation to prevent money laundering using cryptocurrencies. Japan’s executive body, the cabinet, decided to proceed with the amendments to the country’s Foreign Exchange Act and Act on Prevention of Transfer of Criminal Proceeds.
The cabinet decision follows a September Nikkei report that stated the government planned to alter the Prevention of Transfer of Criminal Proceeds Act to prevent criminals from utilizing cryptocurrency exchanges to launder money.
Since last year, Japan has sought to apply anti-money-laundering standards set by the Financial Action Task Force, a worldwide watchdog. In contrast, local crypto exchanges have fought to limit the scope of the rules, citing compliance challenges and costs.
The new laws require crypto exchanges to divulge customer information, including names and addresses, when funds are transferred across platforms and might impose penalties on firms that do not comply.
nAccording to the report, the cabinet-approved modifications will soon be submitted to the National Diet, the Japanese legislature. Crypto investors are unsure how the AML legislation will protect them from the Lazarus Group. Nonetheless, this is the first step in the correct direction.