This alarming trend raises significant concerns, as these GPUs fall under U.S. export controls and are explicitly prohibited from being shipped to North Korea. The restrictions are part of broader international sanctions aimed at curbing the country’s technological advancements due to national security risks.

How Banned GPUs Are Empowering Crypto Heists

Despite these sanctions, North Korea has been methodically building its AI infrastructure for several decades. While it may not be accessing the highest-end AI models, even mid-range GPUs like the GeForce RTX 2700 provide substantial computational power. This power is harnessed to support North Korea’s crypto theft operations.

The regime’s interest in cryptocurrencies dates back to around 2017. By engaging in crypto thefts, North Korea circumvents international sanctions, generating untraceable revenue streams. State-sponsored hacking groups, most notably the Lazarus Group, have targeted cryptocurrency exchanges worldwide. These groups are believed to operate under the direction of the Reconnaissance General Bureau, North Korea’s military intelligence unit.

Advanced AI Tools in Crypto Heists

With the aid of AI, North Korea’s capacity for crypto theft has drastically increased. A 2025 report highlights that hacking teams linked to the country are employing sophisticated AI tools to scan codebases, identify vulnerabilities in smart contracts, and more. These hackers often create fake recruiter profiles, leveraging AI to craft convincing identities and messages.

The use of AI in these operations allows for a scale and precision that was previously unattainable, underscoring the critical importance of addressing the loopholes in international sanctions and export controls.

As North Korea continues to expand its technological reach, the global community must remain vigilant. The integration of AI and banned technology into their illegal operations poses a significant threat not only to the cryptocurrency market but also to broader geopolitical stability.

The post North Korea Crypto Heists: 5 Shocking Ways Banned GPUs Fuel Secret Operations appeared first on Crypto Market Insights: Dive In with CryptoUpdate.io.

Lazarus Group Suspected in Upbit Hack

On Thursday, Upbit announced the detection of abnormal withdrawals involving Solana-based crypto assets, prompting an immediate suspension of deposit and withdrawal services. Initial reports indicated a loss of roughly 54 billion won ($36.8 million), but this was later revised to approximately 44.5 billion won ($30.4 million).

Authorities, citing anonymous government and industry sources, are increasingly confident that the Lazarus Group was behind this security breach. The methods employed in this attack bear a striking resemblance to the techniques used in a previous 2019 theft, which further raises suspicions about Lazarus’ involvement.

Attack Methods and Investigation

Unlike direct server attacks, the hackers are believed to have compromised administrator accounts or impersonated administrators to authorize the fraudulent transfers. This sophisticated approach has complicated the investigation, but authorities are preparing an on-site inspection of Upbit to gather further evidence.

Blockchain analysis provider Dethective has revealed that onchain data shows a wallet associated with the hack swapping Solana for USDC and bridging funds to Ethereum. This movement of funds is being closely monitored as the investigation continues.

Historical Context and Implications

The Lazarus Group’s previous involvement in a 342,000 ETH hack from Upbit in November 2019 adds a historical context to their alleged participation in this recent breach. South Korean police have concluded that Lazarus was indeed responsible for that attack, intensifying scrutiny on their operations.

This incident underscores the persistent threat posed by organized cybercrime groups in the cryptocurrency space. It highlights the urgent need for enhanced security measures and robust regulatory frameworks to protect digital assets and investor confidence.

Corporate Developments and Future Outlook

Amidst these security challenges, Naver Financial has confirmed its merger with Dunamu, the company behind Upbit. This strategic move aims to secure future growth momentum based on digital assets. As a wholly-owned subsidiary, Dunamu will integrate with Naver Financial to bolster its digital infrastructure and security protocols.

As the investigation unfolds, the cryptocurrency community remains vigilant, understanding the critical importance of securing exchanges against such formidable adversaries as the Lazarus Group.

The post Lazarus Group’s $30 Million Upbit Hack: 5 Shocking Revelations Exposed appeared first on Crypto Market Insights: Dive In with CryptoUpdate.io.

The group has set its sights on various exchanges, including Phemex and Bybit, and they even attempted to deceive a BitMEX staff member by proposing a bogus project as a disguise for a phishing attempt to implant harmful software on the staff member’s device. However, BitMEX is now retaliating by delving into the malevolent code deployed by the hacker group.

BitMEX has unearthed serious loopholes that exchanges can leverage to safeguard their assets. This includes revealing the group’s tracking databases and originating IP addresses, which allows BitMEX to monitor its functioning hours and single out key players crucial to the group’s operations.

The BitMEX team has distinguished different levels for the hackers, ranging from novice hackers performing phishing tasks to experts assigned to conduct post-exploitation procedures. The BitMEX blog post proposes various real-time security breach detection measures, including an internal monitoring system for identifying infections.

BitMEX’s sudden interest in cybersecurity stems from a Lazarus Group member reaching out to a BitMEX employee on LinkedIn with a proposition to participate in a counterfeit NFT project. This audacious phishing attempt prompted BitMEX to probe deeper into the matter, which resulted in a chance to analyze live Lazarus code.

BitMEX researchers uncovered a Lazarus Supabase, which contained data related to the malware, such as username, hostname, operating system, geolocation, timestamp, and IP address. With this data, BitMEX identified various devices as either a developer or test machine based on their operational frequency.

While most of the developers utilized VPNs to conceal their location, one developer made an error revealing the actual IP address of the machine, which is located in Jiaxing, China. BitMEX considers this a significant lapse that could potentially unveil the hacker’s identity.

BitMEX has now developed a script to automatically analyze the Supabase and search for operational errors. After all, even hackers are prone to mistakes, which can prove to be their downfall. BitMEX’s astute analysis of Lazarus Group’s operations will continue to enhance their cybersecurity measures and protect their platform.

The post Unveiling Lazarus Group’s Secrets: BitMEX Developers Dive Deep into Hackers’ Database appeared first on Crypto Market Insights: Dive In with CryptoUpdate.io.

North Korea Strikes Again!

North Korea has been linked to several high-profile cyberattacks in recent years, including the infamous WannaCry ransomware attack that caused chaos in 2017. The country is believed to have a formidable army of cybercriminals that operate from within its borders, with the aim of generating funds for the regime. These cyber criminals are highly trained and well-organized, making it difficult for law enforcement agencies to track them down.

$200 Million Hacked by North Korea

The latest attack involving Euler and Axie Infinity has resulted in losses of around $200 million, making it one of the biggest hacks of the year. Euler, a decentralized finance platform, was exploited through a vulnerability in its smart contract, while Axie Infinity was hit with a DNS attack that allowed the hackers to gain access to user wallets. The attack highlights the growing sophistication of cybercriminals from North Korea, who are constantly evolving their tactics to stay ahead of law enforcement agencies.

Euler Exploit and Axie Infinity Hack

The Euler exploit and Axie Infinity hack were carried out by cybercriminals from North Korea, who have been linked to several similar attacks in the past. The Euler exploit involved a vulnerability in the platform’s smart contract, which allowed the hackers to drain funds from several accounts. The Axie Infinity hack, on the other hand, involved a DNS attack that allowed the hackers to gain access to user wallets.

Cybercriminals from North Korea

North Korea is known to have a highly trained army of cybercriminals who operate from within its borders. These cybercriminals are believed to be responsible for several high-profile attacks in recent years, including the WannaCry ransomware attack. The regime is known to use the funds generated from these attacks to finance its nuclear weapons program, making the situation even more concerning.

North Korea’s Latest Cyberattack

The Euler exploit and Axie Infinity hack are the latest in a long line of cyberattacks carried out by North Korean cybercriminals. These attacks are becoming increasingly sophisticated, making it difficult for law enforcement agencies to keep up. The international community needs to work together to put an end to these attacks, which are causing significant harm to individuals and businesses around the world.

How North Korea Stole $200 Million

The Euler exploit and Axie Infinity hack allowed North Korean cybercriminals to steal around $200 million from unsuspecting victims. The exploit involved a vulnerability in the platform’s smart contract, while the hack involved a DNS attack that allowed the hackers to gain access to user wallets. These attacks highlight the growing threat posed by cybercriminals from North Korea, who are becoming increasingly adept at stealing funds and evading justice.

The latest cyberattack involving Euler and Axie Infinity highlights the growing threat posed by North Korean cybercriminals. These attacks are becoming increasingly sophisticated, making it more difficult for law enforcement agencies to track down the perpetrators. It is crucial that the international community works together to put an end to these attacks, which are causing significant harm to individuals and businesses around the world. Only through cooperation and collaboration can we hope to defeat this growing threat.

The post “North Korea Linked to $200M Cyberattack on DeFi Platform and Blockchain Game” appeared first on Crypto Market Insights: Dive In with CryptoUpdate.io.

The Lazarus Group is suspected of being the organization that was behind the Ronin Bridge scam. In March, a hacker gained access to the Ronin sidechain, which is connected to the main Ethereum blockchain but allows the developers of the play-to-earn game Axie Infinity, Sky Mavis, to support faster and cheaper transactions. As a result of the hack, 173,600 ETH and 25.5 million USDC were stolen, which had a market value of $625 million at the time. It is one of the most significant breaches in the history of crypto. In June, blockchain analytics company Elliptic discovered that the 100 million dollar Horizon Bridge attack could be traced back to Lazarus.

The Japanese National Police Agency did not identify any of the firms that were hacked or the sums that were taken, but it did identify the hacking gang. It’s something that the agency doesn’t usually tell the public before making an arrest because it could lead to another attack.

The post Lazarus, North Korean Hackers, Attacks Japanese Crypto Firms appeared first on Crypto Market Insights: Dive In with CryptoUpdate.io.

North Korea is famous for the “habitual” firing of ballistic missiles. They are also passionate about stealing other countries’ crypto.

On Thursday (Feb. 10), North Korea accused the US of stealing funds and committing underhanded cybercrime. They accused the US just days after the United Nations accused Pyongyang of conducting cyberattacks on crypto exchanges worldwide.

As per the reports by the North Korean officials, the US is a “hacking king, a wire-tapping regime and an expert in covert theft.”

North Korea Fires Crypto Bomb!

Although the UN observers did not specifically cite the US. They are claiming that the information is from a “member nation”. They’ve also referenced data gathered by the American firm Chainalysis on alleged North Korean crypto raids.

According to South Korean news outlet EDaily, the North’s foreign ministry debunked UN monitors’ recent assertions. They‘ve put the assertion that North Korean hackers harvested over $50 million between 2020 and mid-2021.

Further, Kumsuki has also been linked to an attack, according to security firm Ahn Labs, that makes use of malicious Microsoft Word documents.

Moreover, the North Korean ministry alleged that claims of crypto bomb constituted an “assault” on the country’s “sovereignty”. They’ve cited them as examples of “disgusting behaviour” that the ministry would not condone.

Furthermore, It added that Washington is using humanity’s common virtual grounds “to achieve its hegemony objectives.”

In addition, Experts in Seoul and Washington claimed in 2019 that Pyongyang had trained a group of at least 30 “elite cyber warriors”. They’ve directed them to infiltrate Western and Western-allied crypto targets with reckless abandon.

Meanwhile, Pyongyang is said to be not content to keep its crypto stash indefinitely. The South Korean experts claim that North Korean hackers’ final obstacle is selling off their stolen crypto assets.

The post North Korea Fires Crypto Bomb At US, Calls It King of Theft appeared first on Crypto Market Insights: Dive In with CryptoUpdate.io.