北朝鲜黑客集团拉撒路（Lazarus

区块链分析平台阿卡（Arkha）发现，拉撒路（Lazarus）将被盗的ETH转换为比比特（Bybit）黑客之后的比特币。

A whopping $1.4 billion was stolen by the North Korean hacker group, Lazarus, in one of the largest cryptocurrency heists in history. The group has become a major sovereign bitcoin holder, ranking third after the US and UK.

在历史上最大的加密货币抢劫案之一中，朝鲜黑客集团拉撒路（Lazarus）偷走了一笔高达14亿美元的资金。该集团已成为主权比特币持有人，仅次于美国和英国排名第三。

The massive haul began with the theft of $800 million from cryptocurrency exchange, Bybit, and later expanded with the acquisition of meme coins through Solana-based Pump.fun, aiming to launder the stolen assets.

巨大的运输始于从加密货币交易所（Bybit）盗窃8亿美元，后来通过基于Solana的Pump.Fun收购Meme Coins。

According to blockchain analytics platform, Arkham, the hackers converted the stolen ETH into BTC, currently holding 13,562 BTC, valued at approximately $1.12 billion.

根据区块链分析平台，黑客将被盗的ETH转换为BTC，目前持有13,562 BTC，价值约为11.2亿美元。

Moreover, the hackers used a decentralized exchange, THORChain, which does not require any identity verification, to further obfuscate the stolen assets.

此外，黑客使用了分散的交换，不需要任何身份验证的胸腔thorchain，以进一步混淆被盗资产。

The group's main target was the Node Package Manager (NPM) ecosystem, where they embedded a Malware named "BeaverTail" in packages to mimic their real counterparts using typosquatting techniques to deceive developers.

该小组的主要目标是Node软件包管理器（NPM）生态系统，在该系统中，他们将一个名为“ Beavertail”的恶意软件嵌入包装中，以使用TypoSquatting技术模仿其真正的对应技术来欺骗开发人员。

The integrated malware was designed to steal sensitive data, including credentials and cryptocurrency, and install backdoors, granting persistent access to the compromised systems.

集成的恶意软件旨在窃取敏感数据，包括凭证和加密货币，并安装后门，从而持续访问折衷的系统。

Furthermore, Lazarus Group is known for its sophisticated financial maneuvering, which is evident in their ability to navigate international sanctions effectively.

此外，Lazarus集团以其复杂的金融操纵而闻名，这在其有效地导航国际制裁的能力方面是显而易见的。

The North Korean regime is reported to be facing severe economic hardship, with citizens enduring food shortages and energy crises. To mitigate these challenges, the regime has become increasingly reliant on cybercrime to generate revenue.

据报道，朝鲜政权面临严重的经济困难，公民遭受了粮食短缺和能源危机。为了减轻这些挑战，该政权越来越依赖网络犯罪来产生收入。

As reported by TronWeekly, the hackers' main target was the Node Package Manager (NPM) ecosystem, which housed many important JavaScript libraries. They embedded a Malware named "BeaverTail" in packages to mimic their real counterparts using typosquatting techniques to fool developers.

正如Tronweekly报道的那样，黑客的主要目标是Node软件包经理（NPM）生态系统，该系统拥有许多重要的JavaScript库。他们将一个名为“ Beavertail”的恶意软件嵌入包装中，以使用打字技术来模仿他们的真实对应技术，以欺骗开发人员。

"Lazarus hits npm again. Six new malicious packages target developers, stealing credentials and deploying backdoors."

“拉撒路再次击中NPM。六个新的恶意套餐针对的开发人员，窃取证书并部署后门。”

Lazarus Group’s Evolving Cyber Tactics

拉撒路集团不断发展的网络策略

After the attack, the group even tried to hide the stolen assets through different methods, including using THORChain, a decentralized exchange that does not need any identity verification.

攻击之后，该小组甚至试图通过不同的方法隐藏被盗资产，包括使用Thorchain，这是一个不需要任何身份验证的去中心化交换。

Broadening their attack, Lazarus also launched fake meme coins through Solana-based Pump.fun. Cyber experts have observed how cybercriminals utilized the platform to cover up the source of their stolen money. The exchanged funds were then moved to different exchanges, which makes tracking and detection increasingly challenging.

Lazarus扩大了攻击，还通过基于Solana的Pump.Fun推出了假模因硬币。网络专家已经观察到网络犯罪分子如何利用该平台来掩盖其被盗资金的来源。然后将交换资金移至不同的交流，这使得跟踪和检测越来越具有挑战性。

Noted crypto investigator ZachXBT retained undisclosed to prevent interference, however, ZachXBT validated the release of wallets from analytics tools.

著名的加密研究者Zachxbt保留了未公开以防止干扰的情况，但是，Zachxbt验证了从分析工具中释放钱包的。