North Korea ‘Used LinkedIn, Telegram’ in USD 7m Crypto Exchange Hack

Exchange Hack North Korea
Last updated:
Author
Author
Tim Alper
About Author

Tim Alper is a British journalist and features writer who has worked at Cryptonews.com since 2018. He has written for media outlets such as the BBC, the Guardian, and Chosun Ilbo. He has also worked...

Last updated:
Why Trust Cryptonews
Cryptonews has covered the cryptocurrency industry topics since 2017, aiming to provide informative insights to our readers. Our journalists and analysts have extensive experience in market analysis and blockchain technologies. We strive to maintain high editorial standards, focusing on factual accuracy and balanced reporting across all areas - from cryptocurrencies and blockchain projects to industry events, products, and technological developments. Our ongoing presence in the industry reflects our commitment to delivering relevant information in the evolving world of digital assets. Read more about Cryptonews

A report claims that the infamous North Korean hacking group Lazarus used LinkedIn and Telegram messages as part of a raid that saw it make off with some USD 7 million from Singapore-based exchange DragonEx in March 2019.

Source: iStock/mactrunk

Per Radio Free Asia, which quoted data from the Chainalysis 2020 Crypto Crime Report, Lazarus hackers created what appear to be fake LinkedIn accounts, in a bid to distribute malware that “senior managers” at the exchange installed on their computers.

The report contains screenshots of a LinkedIn profile for a user named Gabe Frank, listed as the “founder“ and “Tech CTO” of a “wallet company” named WFC Proof.

According to Radio Free Asia, Chainalysis claims that the hackers, posing as Frank, sent unnamed executives at DragonEx messages via both LinkedIn and Telegram and eventually convinced them to download the malware – believing it to be the trial version of an above-board cryptocurrency trading bot.

Instead, it appears the program contained malware that allowed Lazarus to obtain the private keys for the exchange’s wallets.

In a previous excerpt from the Chainalysis report, the firm claimed,

“While the DragonEx hack was relatively small, it was notable for the lengths Lazarus Group went in order to infiltrate the exchange’s systems in a sophisticated phishing attack. Lazarus created a fake company […] complete with a slick website and social media presence for made-up employees. Lazarus even went so far as to build a software product resembling the trading bot they claimed to be selling.”

Learn more:
UN: North Korea Turns Talented Children into Cryptocurrency Hackers
The Darknet Still Loves Bitcoin – and Doesn’t Care About Prices
Corrupt OTC Brokers Sent Dirty USD 1.5bn in Bitcoin to Binance and Huobi – Report

More Articles

Price Analysis
$TRUMP Pumping Over 20% This Week: Presidential Memecoin Back for Good?
Arslan Butt
Arslan Butt
2025-02-15 15:26:50
Price Analysis
Study Predicts Bitcoin Surge to $1M by Early 2027: Is That Possible?
Arslan Butt
Arslan Butt
2025-02-15 14:45:43
Crypto News in numbers
editors
Authors List + 66 More
2M+
Active Monthly Users Around the World
250+
Guides and Reviews Articles
8
Years on the Market
70
International Team Authors