Lazarus集团加密黑客：从Bybit Exchange Hack到Ronin Bridge违规

由于加密货币以数字方式存储，并且在转换为菲亚特时经常以数百万甚至数十亿美元的价值估价，因此它已成为黑客的主要目标。

Cryptocurrency, being stored digitally and often valued in the millions or even billions when converted to fiat, has become a prime target for hackers. Since the bull run in 2017, the world has seen significant increases in token values, and the Lazarus Group has carried out multiple attacks on crypto entities.

加密货币被数字存储，经常在菲亚特转换为数百万甚至数十亿美元中，已成为黑客的主要目标。自2017年公牛奔跑以来，全世界的代币价值观显着提高，而拉撒路集团对加密实体进行了多次攻击。

This article aims to discuss the most popular attacks of the Lazarus Group in the crypto industry.

本文旨在讨论加密货币行业中拉撒路集团最受欢迎的攻击。

What is the Lazarus Group?

Lazarus团体是什么？

The Lazarus Group is a North Korean state-backed hacking organization known for cyber espionage and financial crimes. Active since at least 2009, it is believed to operate under North Korea’s Reconnaissance General Bureau, the country’s main intelligence agency.

拉撒路集团是一个以网络间谍和金融犯罪而闻名的朝鲜国家支持的黑客组织。至少从2009年起就活跃起来，据信它就在朝鲜侦察将军局（该国的主要情报机构）的领导下运作。

Since 2018, North Korean hackers have deployed several forms of malware posing as legitimate cryptocurrency businesses. In addition to phishing, hackers use social networking to lure victims.

自2018年以来，朝鲜黑客部署了几种形式的恶意软件，以合法的加密货币业务。除了网络钓鱼外，黑客还使用社交网络引诱受害者。

According to an article, Lazarus hackers reportedly receive state training and privileges, often working abroad to gain experience. Unlike Russian hacker groups that occasionally face government pressure, Lazarus operates recklessly with no fear of repercussions.

据一篇文章，据报道，拉撒路黑客接受州培训和特权，经常在国外工作以获得经验。与偶尔面临政府压力的俄罗斯黑客团体不同，拉撒路鲁ck行动，不担心会产生影响。

How Does it Attack?

它如何攻击？

The group is known for using sophisticated techniques to compromise computer systems and steal funds. They have been linked to several high-profile cyber-attacks, including the theft of $80 million from Bangladesh Bank in 2016.

该小组以使用复杂的技术来损害计算机系统并窃取资金而闻名。他们与几个备受瞩目的网络攻击有关，包括2016年从孟加拉国银行盗窃了8000万美元。

The hackers prefer to target cryptocurrency exchanges and DeFi protocols, aiming to steal large amounts of tokens. In several cases, Lazarus Group hackers impersonate recruiters to deceive job seekers.

黑客更喜欢针对加密货币交换和DEFI协议，旨在窃取大量令牌。在某些情况下，拉撒路集团黑客冒充招聘人员欺骗求职者。

Its main purpose is to generate revenue for the North Korean regime, which faces severe economic sanctions. The stolen cryptocurrency is then laundered through a complex network of mixers and tumblers.

其主要目的是为朝鲜政权产生收入，该政权面临严重的经济制裁。然后，通过复杂的混合器和不倒翁网络将被盗的加密货币洗涤。

List Crypto Attacks by Lazarus Group

列出Lazarus Group的加密攻击

Bybit Exchange Hack (2025)

Bybit Exchange Hack（2025）

Earlier this year, Chainalysis reported that North Korean hackers, likely from the Lazarus Group, stole $20 million from Bybit Exchange in 2025. The hackers infiltrated Bybit’s systems and stole user funds in BTC, ETH, and other tokens.

今年早些时候，Chainalysis报道说，可能来自Lazarus集团的朝鲜黑客在2025年从Bybit Exchange偷走了2000万美元。黑客渗透了Bybit的系统，并在BTC，Eth和其他代币中偷走了用户资金。

CoinsPaid Hack (2023-2024)

Coinspaid Hack（2023-2024）

In 2023, the Lazarus Group carried out an advanced persistent threat (APT) attack on CoinsPaid, a crypto payment gateway.

2023年，拉撒路集团对加密支付网关Coinspaid进行了高级持久威胁（APT）攻击。

CoinEx Hack (2023)

Coinex Hack（2023）

In August 2023, crypto exchange CoinEx confirmed a security breach that resulted in the theft of about $41 million in various tokens.

2023年8月，加密货币交易所Coinex确认了安全违规行为，导致盗窃约4100万美元的各种代币。

Atomic Wallet Hack (2023)

原子钱包黑客（2023）

Atomic Wallet, a popular cryptocurrency wallet provider, reported in July 2023 that hackers had stolen user funds.

流行的加密货币钱包提供商原子钱包在2023年7月报道说，黑客偷走了用户资金。

Alphapo Hack (2023)

Alphapo Hack（2023）

This year, cybersecurity firm ESET reported that Lazarus Group hackers breached cryptocurrency platform Alphapo, stealing an estimated $60 million in crypto.

今年，网络安全公司ESET报告说，Lazarus Group Hackers违反了加密货币平台Alphapo，窃取了估计的6000万美元的加密货币。

Ronin Bridge Breach (2022)

罗宁桥违规（2022）

In March 2022, hackers breached the Ronin Network bridge, part of the Axie Infinity ecosystem, and stole around $625 million in ETH and other tokens.

2022年3月，黑客违反了Axie Infinity生态系统的一部分Ronin Network Bridge，并在ETH和其他代币中偷走了约6.25亿美元。

Harmony’s Horizon Bridge Hack (2022)

Harmony's Horizo​​n Bridge Hack（2022）

In October 2022, Harmony announced that its Horizon Chain bridge had been hacked, resulting in the theft of over $100 million in cryptocurrency.

2022年10月，Harmony宣布其Horizo​​n Chain Bridge已被黑客入侵，导致盗窃了超过1亿美元的加密货币。

Stake.com Hack (2282)

Stake.com Hack（2282）

In November 2022, crypto gambling platform Stake.com disclosed a seven-figure seven-figure crypto theft from its platform.

2022年11月，加密赌博平台Stake.com从其平台揭示了七位数的七位数加密盗窃。

Non-Crypto Major Attacks

非克雷普托的重大攻击

In 2014, the group was blamed for the cyber-attack on Sony Pictures Entertainment, which led to the release of unreleased copies of the movie "The Interview."

2014年，该组织被指责为索尼影业娱乐公司（Sony Pictures Entertainment）的网络攻击，这导致了电影《访谈》的未发行副本。

In 2020, it carried out an attack on Microsoft Exchange Server, which affected tens of thousands of organizations around the world.

在2020年，它对Microsoft Exchange Server进行了攻击，该服务器影响了全球成千上万的组织。

This article is published on BitPinas: Biggest Crypto Hacks by North Korea’s Lazarus Group

本文发表在BITPINAS：朝鲜Lazarus Group的最大加密黑客