Attributing Attacks Against Crypto Exchanges to LAZARUS - North Korea. CryptoCore is an attack campaign against crypto-exchange companies that has been ongoing for three years. This cybercrime campaign is focused mainly on the theft of #cryptocurrency wallets, and we estimate that the attackers have already made off with hundreds of millions of dollars. The campaign is also known as CryptoMimic, Dangerous Password and Leery Turtle. This group has successfully hacked into numerous companies and organizations. The effort to infiltrate cryptocurrency exchanges has since grown more elaborate. Suspected North Korean hackers set up a fake company pretending to be a trading platform to convince victims to install malicious piece of software.

https://www.clearskysec.com/wp-content/uploads/2021/05/CryptoCore-Lazarus-Clearsky.pdf