北朝鮮黑客集團拉撒路（Lazarus

區塊鏈分析平台阿卡（Arkha）發現，拉撒路（Lazarus）將被盜的ETH轉換為比比特（Bybit）黑客之後的比特幣。

A whopping $1.4 billion was stolen by the North Korean hacker group, Lazarus, in one of the largest cryptocurrency heists in history. The group has become a major sovereign bitcoin holder, ranking third after the US and UK.

在歷史上最大的加密貨幣搶劫案之一中，朝鮮黑客集團拉撒路（Lazarus）偷走了一筆高達14億美元的資金。該集團已成為主權比特幣持有人，僅次於美國和英國排名第三。

The massive haul began with the theft of $800 million from cryptocurrency exchange, Bybit, and later expanded with the acquisition of meme coins through Solana-based Pump.fun, aiming to launder the stolen assets.

巨大的運輸始於從加密貨幣交易所（Bybit）盜竊8億美元，後來通過基於Solana的Pump.Fun收購Meme Coins。

According to blockchain analytics platform, Arkham, the hackers converted the stolen ETH into BTC, currently holding 13,562 BTC, valued at approximately $1.12 billion.

根據區塊鏈分析平台，黑客將被盜的ETH轉換為BTC，目前持有13,562 BTC，價值約為11.2億美元。

Moreover, the hackers used a decentralized exchange, THORChain, which does not require any identity verification, to further obfuscate the stolen assets.

此外，黑客使用了分散的交換，不需要任何身份驗證的胸腔thorchain，以進一步混淆被盜資產。

The group's main target was the Node Package Manager (NPM) ecosystem, where they embedded a Malware named "BeaverTail" in packages to mimic their real counterparts using typosquatting techniques to deceive developers.

該小組的主要目標是Node軟件包管理器（NPM）生態系統，在該系統中，他們將一個名為“ Beavertail”的惡意軟件嵌入包裝中，以使用TypoSquatting技術模仿其真正的對應技術來欺騙開發人員。

The integrated malware was designed to steal sensitive data, including credentials and cryptocurrency, and install backdoors, granting persistent access to the compromised systems.

集成的惡意軟件旨在竊取敏感數據，包括憑證和加密貨幣，並安裝後門，從而持續訪問折衷的系統。

Furthermore, Lazarus Group is known for its sophisticated financial maneuvering, which is evident in their ability to navigate international sanctions effectively.

此外，Lazarus集團以其複雜的金融操縱而聞名，這在其有效地導航國際制裁的能力方面是顯而易見的。

The North Korean regime is reported to be facing severe economic hardship, with citizens enduring food shortages and energy crises. To mitigate these challenges, the regime has become increasingly reliant on cybercrime to generate revenue.

據報導，朝鮮政權面臨嚴重的經濟困難，公民遭受了糧食短缺和能源危機。為了減輕這些挑戰，該政權越來越依賴網絡犯罪來產生收入。

As reported by TronWeekly, the hackers' main target was the Node Package Manager (NPM) ecosystem, which housed many important JavaScript libraries. They embedded a Malware named "BeaverTail" in packages to mimic their real counterparts using typosquatting techniques to fool developers.

正如Tronweekly報導的那樣，黑客的主要目標是Node軟件包經理（NPM）生態系統，該系統擁有許多重要的JavaScript庫。他們將一個名為“ Beavertail”的惡意軟件嵌入包裝中，以使用打字技術來模仿他們的真實對應技術，以欺騙開發人員。

"Lazarus hits npm again. Six new malicious packages target developers, stealing credentials and deploying backdoors."

“拉撒路再次擊中NPM。六個新的惡意套餐針對的開發人員，竊取證書並部署後門。”

Lazarus Group’s Evolving Cyber Tactics

拉撒路集團不斷發展的網絡策略

After the attack, the group even tried to hide the stolen assets through different methods, including using THORChain, a decentralized exchange that does not need any identity verification.

攻擊之後，該小組甚至試圖通過不同的方法隱藏被盜資產，包括使用Thorchain，這是一個不需要任何身份驗證的去中心化交換。

Broadening their attack, Lazarus also launched fake meme coins through Solana-based Pump.fun. Cyber experts have observed how cybercriminals utilized the platform to cover up the source of their stolen money. The exchanged funds were then moved to different exchanges, which makes tracking and detection increasingly challenging.

Lazarus擴大了攻擊，還通過基於Solana的Pump.Fun推出了假模因硬幣。網絡專家已經觀察到網絡犯罪分子如何利用該平台來掩蓋其被盜資金的來源。然後將交換資金移至不同的交流，這使得跟踪和檢測越來越具有挑戰性。

Noted crypto investigator ZachXBT retained undisclosed to prevent interference, however, ZachXBT validated the release of wallets from analytics tools.

著名的加密研究者Zachxbt保留了未公開以防止干擾的情況，但是，Zachxbt驗證了從分析工具中釋放錢包的。