#lazarus
lazarus
442,889 views
79 Discussing
Hot
Latest
☠️ ALERT — North Korea just upgraded their attack on crypto and almost nobody is talking about it.
Same month. Same group. Three hits:
🔴 $285M — Drift Protocol (April 1)
🔴 $292M — KelpDAO (April 18)
🔴 NEW — "Mach-O Man" malware targeting YOUR Mac right now
How does Mach-O Man work?
You get a Telegram message: "Urgent Zoom call, fix your connection — paste this command."
You paste it. Your entire system is theirs. Done.
This isn't random hackers. This is a North Korean state army funding nuclear weapons with YOUR crypto.
Lazarus Group stole 59% of ALL crypto stolen globally in 2025.
In just 18 days of April 2026 — $577M gone.
And now Google says quantum computers could crack Bitcoin's encryption by 2029. Bitcoin's own fix (BIP-361) takes 7 years. Do the math. 👀
🔐 Never paste commands from strangers into your terminal. Ever.
RT this to save someone's wallet. 👇
#Lazarus #CryptoSecurity #Bitcoin #BinanceSquare #DeFi
Same month. Same group. Three hits:
🔴 $285M — Drift Protocol (April 1)
🔴 $292M — KelpDAO (April 18)
🔴 NEW — "Mach-O Man" malware targeting YOUR Mac right now
How does Mach-O Man work?
You get a Telegram message: "Urgent Zoom call, fix your connection — paste this command."
You paste it. Your entire system is theirs. Done.
This isn't random hackers. This is a North Korean state army funding nuclear weapons with YOUR crypto.
Lazarus Group stole 59% of ALL crypto stolen globally in 2025.
In just 18 days of April 2026 — $577M gone.
And now Google says quantum computers could crack Bitcoin's encryption by 2029. Bitcoin's own fix (BIP-361) takes 7 years. Do the math. 👀
🔐 Never paste commands from strangers into your terminal. Ever.
RT this to save someone's wallet. 👇
#Lazarus #CryptoSecurity #Bitcoin #BinanceSquare #DeFi
🚨 Lazarus "The North Korean Ghost" Strikes DeFi – $577 Million Gone in 18 Days
The Lazarus hacking group (North Korea) has confirmed its involvement in both of the biggest attacks in April: Drift Protocol lost $285M on April 1st and KelpDAO lost $292M on April 18th – total damages exceeding $577M in just half a month.
The KelpDAO hack exploited a vulnerability in the LayerZero bridge by launching a DDoS attack on 2 RPC nodes, forcing the failover system and tricking the verifier into signing fake cross-chain transactions, withdrawing 116,500 rsETH (~18% of the circulating supply).
April 2026 officially became the worst month for DeFi since February 2025, with total damages this year reaching $771.8M – the number of attacks has nearly doubled compared to the same period in 2025.
#DeFiHack #Lazarus #KelpDAO
The Lazarus hacking group (North Korea) has confirmed its involvement in both of the biggest attacks in April: Drift Protocol lost $285M on April 1st and KelpDAO lost $292M on April 18th – total damages exceeding $577M in just half a month.
The KelpDAO hack exploited a vulnerability in the LayerZero bridge by launching a DDoS attack on 2 RPC nodes, forcing the failover system and tricking the verifier into signing fake cross-chain transactions, withdrawing 116,500 rsETH (~18% of the circulating supply).
April 2026 officially became the worst month for DeFi since February 2025, with total damages this year reaching $771.8M – the number of attacks has nearly doubled compared to the same period in 2025.
#DeFiHack #Lazarus #KelpDAO
لارا الزهراني:
مكافأة مني لك تجدها مثبت في اول منشور ❤️
Lazarus Group (a hacker group supported by North Korea 🇰🇵) launched an attack on the OKX DEX platform! 🚨
The attack led to a temporary suspension of service by OKX, which is a popular cryptocurrency exchange. The Lazarus Group is known to be one of the most dangerous groups on the internet, carrying out attacks targeting cryptocurrency platforms and stealing users' funds to finance the North Korean regime.
#TonRally #Lazarus #NorthKoreaHackers #BTC #bitcoin
$BTC
The attack led to a temporary suspension of service by OKX, which is a popular cryptocurrency exchange. The Lazarus Group is known to be one of the most dangerous groups on the internet, carrying out attacks targeting cryptocurrency platforms and stealing users' funds to finance the North Korean regime.
#TonRally #Lazarus #NorthKoreaHackers #BTC #bitcoin
$BTC
🚨Lazarus has converted 100% of the ETH stolen from Bybit into BTC.
#Lazarus #LazarusGroup #BTC #ETH #HackerAlert $BTC $ETH
#Lazarus #LazarusGroup #BTC #ETH #HackerAlert $BTC $ETH
North Korea's Ascension in Bitcoin Holdings:
North Korea has emerged as the third-largest holder of Bitcoin globally, surpassed only by the United States and the United Kingdom. This position results from the cyber-hacking group Lazarus, which accumulated approximately 13,580 Bitcoin, valued at £886 million. A notable heist involved the cryptocurrency exchange Bybit, where over £1.2 billion in Ethereum was stolen. These cyber activities are believed to fund North Korea's military programs, with estimates suggesting up to 40% of its nuclear program is financed through such means.
Also, 🇰🇵 North Korea’s Lazarus group has converted the stolen $ETH to $BTC after the Bybit hack, now holding 13,562 $BTC worth around $1.12B per data from Arkham.
| #Lazarus
North Korea has emerged as the third-largest holder of Bitcoin globally, surpassed only by the United States and the United Kingdom. This position results from the cyber-hacking group Lazarus, which accumulated approximately 13,580 Bitcoin, valued at £886 million. A notable heist involved the cryptocurrency exchange Bybit, where over £1.2 billion in Ethereum was stolen. These cyber activities are believed to fund North Korea's military programs, with estimates suggesting up to 40% of its nuclear program is financed through such means.
Also, 🇰🇵 North Korea’s Lazarus group has converted the stolen $ETH to $BTC after the Bybit hack, now holding 13,562 $BTC worth around $1.12B per data from Arkham.
| #Lazarus
Caution when participating in the crypto market: 38 million USD confiscated, revealing the dark side of illegal platforms
Recently, the German authorities confiscated 38 million USD in cryptocurrency from the eXch exchange, raising serious warnings about the risks of trading on unregulated platforms.
#eXch , operating since 2014, offers anonymous cryptocurrency asset swapping services, without implementing identity verification (KYC) or anti-money laundering (AML) measures. This makes it an ideal tool for cybercriminals. Approximately 1.9 billion USD has been transferred through this platform, including stolen cryptocurrency – part of which comes from the 1.4 billion USD hack of the Bybit exchange, allegedly conducted by the North Korean hacker group #Lazarus .
The incident shows:
Opaque exchanges pose significant legal risks.
Users' funds can be traced, frozen, or confiscated if linked to illegal money flows.
Users may unknowingly facilitate money laundering activities.
Advice: Only use legal exchanges that are strictly regulated and comply with international standards.
Risk warning: Investing in cryptocurrency always carries high risks and is not suitable for everyone. Always conduct thorough research and protect your assets.
Recently, the German authorities confiscated 38 million USD in cryptocurrency from the eXch exchange, raising serious warnings about the risks of trading on unregulated platforms.
#eXch , operating since 2014, offers anonymous cryptocurrency asset swapping services, without implementing identity verification (KYC) or anti-money laundering (AML) measures. This makes it an ideal tool for cybercriminals. Approximately 1.9 billion USD has been transferred through this platform, including stolen cryptocurrency – part of which comes from the 1.4 billion USD hack of the Bybit exchange, allegedly conducted by the North Korean hacker group #Lazarus .
The incident shows:
Opaque exchanges pose significant legal risks.
Users' funds can be traced, frozen, or confiscated if linked to illegal money flows.
Users may unknowingly facilitate money laundering activities.
Advice: Only use legal exchanges that are strictly regulated and comply with international standards.
Risk warning: Investing in cryptocurrency always carries high risks and is not suitable for everyone. Always conduct thorough research and protect your assets.
🔴 Lazarus is back in action — fake companies, fake interviews, real thefts
— The North Korean hacker group Lazarus has created 3 fake companies, two of which are registered in the USA. The goal is to attack the crypto market from within.
📉 How the scheme works:
• Fake startups are created,
• AI-generated "employees" are used,
• Crypto developers are invited to "interviews,"
• During the communication — malware is injected
• Next — theft of private keys and access to wallets
💰 Since 2017, Lazarus has stolen over $3 billion in cryptocurrencies. These schemes are their signature style.
👾 Developers, be cautious: — Do not download files from unknown companies
— Check websites and names — especially if an "HR" with an .ai avatar contacts you
— Use isolated devices to store seed phrases
🔴 Subscribe — we will tell you how to protect yourself from hackers in suits
#bitcoin #crypto #lazarus #cybersecurity #BTC $ETH $BNB $XRP
— The North Korean hacker group Lazarus has created 3 fake companies, two of which are registered in the USA. The goal is to attack the crypto market from within.
📉 How the scheme works:
• Fake startups are created,
• AI-generated "employees" are used,
• Crypto developers are invited to "interviews,"
• During the communication — malware is injected
• Next — theft of private keys and access to wallets
💰 Since 2017, Lazarus has stolen over $3 billion in cryptocurrencies. These schemes are their signature style.
👾 Developers, be cautious: — Do not download files from unknown companies
— Check websites and names — especially if an "HR" with an .ai avatar contacts you
— Use isolated devices to store seed phrases
🔴 Subscribe — we will tell you how to protect yourself from hackers in suits
#bitcoin #crypto #lazarus #cybersecurity #BTC $ETH $BNB $XRP
🚨 BREAKING — UPBIT HACKED 🚨
South Korea’s Upbit suffered an ≈₩44.5bn (~$30.4M) Solana hot-wallet theft; authorities now suspect North Korea’s Lazarus Group. Upbit halted Solana deposits/withdrawals and says it will cover user losses — watch on-chain flows and market reaction. #Upbit #Lazarus #CryptoSecurity #XRP
Sources: Bloomberg / Yonhap / Korea JoongAng / Decrypt.
---
Viral 2-tweet thread (more detail, high engagement)
1/ 🚨 UPBIT HACK — $30M+ — Upbit detected abnormal withdrawals from a Solana hot wallet (≈₩44.5bn / ~$30.4M). Deposits & withdrawals on Solana paused. #Upbit #Solana.
2/ Authorities say the incident bears the signature of North Korea’s Lazarus Group (same MO as 2019). On-chain tracing shows stolen funds being converted and moved quickly — stay careful out there.
$XRP
#Lazarus #CryptoSecurity #XRP.
South Korea’s Upbit suffered an ≈₩44.5bn (~$30.4M) Solana hot-wallet theft; authorities now suspect North Korea’s Lazarus Group. Upbit halted Solana deposits/withdrawals and says it will cover user losses — watch on-chain flows and market reaction. #Upbit #Lazarus #CryptoSecurity #XRP
Sources: Bloomberg / Yonhap / Korea JoongAng / Decrypt.
---
Viral 2-tweet thread (more detail, high engagement)
1/ 🚨 UPBIT HACK — $30M+ — Upbit detected abnormal withdrawals from a Solana hot wallet (≈₩44.5bn / ~$30.4M). Deposits & withdrawals on Solana paused. #Upbit #Solana.
2/ Authorities say the incident bears the signature of North Korea’s Lazarus Group (same MO as 2019). On-chain tracing shows stolen funds being converted and moved quickly — stay careful out there.
$XRP
#Lazarus #CryptoSecurity #XRP.
North Korea's Lazarus Group behind the $1.2 Billion Ethereum Heist. 🇰🇵
A massive $1.19 billion crypto theft has shaken the industry, with North Korea’s Lazarus Group accused of hacking an Ethereum wallet on Bybit. The February 23 attack caused Ethereum’s price to drop 4%, reigniting concerns over exchange security.
Blockchain forensics firm Arkham Intelligence linked the breach to Lazarus, known for funding Pyongyang through cybercrime. Bybit CEO Zhou confirmed 350,000 withdrawal requests but assured users that assets remained secure. Recovery efforts face challenges despite global law enforcement involvement.
The heist follows North Korea’s growing reliance on crypto theft, with Lazarus previously orchestrating billion-dollar breaches, including the $625M Ronin Network hack. Experts stress the need for multi-signature wallets, AI-driven security, and stronger regulatory collaboration to combat state-backed cyber threats.
#NorthKoreaHackers #northkorea #LazarusGroup #Lazarus #Ethereum $ETH
A massive $1.19 billion crypto theft has shaken the industry, with North Korea’s Lazarus Group accused of hacking an Ethereum wallet on Bybit. The February 23 attack caused Ethereum’s price to drop 4%, reigniting concerns over exchange security.
Blockchain forensics firm Arkham Intelligence linked the breach to Lazarus, known for funding Pyongyang through cybercrime. Bybit CEO Zhou confirmed 350,000 withdrawal requests but assured users that assets remained secure. Recovery efforts face challenges despite global law enforcement involvement.
The heist follows North Korea’s growing reliance on crypto theft, with Lazarus previously orchestrating billion-dollar breaches, including the $625M Ronin Network hack. Experts stress the need for multi-signature wallets, AI-driven security, and stronger regulatory collaboration to combat state-backed cyber threats.
#NorthKoreaHackers #northkorea #LazarusGroup #Lazarus #Ethereum $ETH
🐦 The scariest crypto hacks no longer start on-chain. They start in DMs, conference halls, and fake friendships.
Drift’s April 1 exploit was not just another DeFi hack. Reports say the attackers gained privileged access through a longer setup involving social engineering and compromised administrative or multisig control, with losses estimated around $280M–$286M.
That is what should terrify every team in crypto.
Not because one protocol got hit.
Because the attack path looked human before it looked technical.
Fake partners.
Fake trust.
Real access.
By the time the exploit appears on-chain, the breach may have already happened weeks earlier through private chats, malicious files, cloned tools, or compromised workflows.
Drift has already frozen key protocol functions, flagged attacker wallets, and multiple reports now tie the operation to DPRK-linked actors or methods similar to earlier North Korea-linked campaigns.
This is the new reality for crypto teams:
If your opsec is weak, your code does not even need a bug to fail.
$DRIFT
#DRIFT #solana #CryptoSecurity #DeFi #Lazarus #NorthKorea
Drift’s April 1 exploit was not just another DeFi hack. Reports say the attackers gained privileged access through a longer setup involving social engineering and compromised administrative or multisig control, with losses estimated around $280M–$286M.
That is what should terrify every team in crypto.
Not because one protocol got hit.
Because the attack path looked human before it looked technical.
Fake partners.
Fake trust.
Real access.
By the time the exploit appears on-chain, the breach may have already happened weeks earlier through private chats, malicious files, cloned tools, or compromised workflows.
Drift has already frozen key protocol functions, flagged attacker wallets, and multiple reports now tie the operation to DPRK-linked actors or methods similar to earlier North Korea-linked campaigns.
This is the new reality for crypto teams:
If your opsec is weak, your code does not even need a bug to fail.
$DRIFT
#DRIFT #solana #CryptoSecurity #DeFi #Lazarus #NorthKorea
Login to explore more contents