Changpeng Zhao, emblematic figure of the crypto world and founder of Binance, has just revealed an attempted intrusion into his Google account. Behind this attack are hacker groups supported by governments, probably the formidable North Korean collective Lazarus.
In brief
- CZ received a warning from Google reporting an attempted intrusion by “government-backed attackers.”
- The North Korean group Lazarus is suspected of being behind this attack, as for the hack of Bybit which cost 1.4 billion dollars.
- North Korean hackers stole more than $1.34 billion in crypto assets in 2024, double the amount from the previous year.
- CZ had already warned about the infiltration of North Korean agents posing as candidates for employment in crypto companies.
When States become pirates: the CZ alert
Yesterday, Changpeng Zhao, co-founder of Binance, shared a worrying notification from Google on X. The message informed him that an attempt to steal his password was underway, orchestrated by “government-backed attackers.”
In his post, CZ immediately mentioned the Lazarus group, a North Korean hacker organization infamous in the crypto world.
This alert is not an isolated case. Blockchain expert and intergovernmental advisor Anndy Lian confirms that several government officials have received similar warnings.
“ I personally know a government official who received a message similar to CZ's, telling him that his account is being detected by government-backed hackers who are trying to steal his password. “, he explains. However, Google remains mum on the details of these attacks for security reasons.
The Lazarus group tops the list of suspects. This North Korean collective is considered the mastermind behind the most devastating crypto exploits. On February 21, they allegedly orchestrated the record hack of Bybit, stealing $1.4 billion, the largest sum ever stolen in the industry. These funds would directly feed Pyongyang's coffers, according to American intelligence services.
A threat that intensifies and diversifies
The attack on the founder of Binance is part of an alarming trend. North Korean hackers have ramped up their operations in 2024, stealing $1.34 billion in 47 separate incidents. This amount represents an explosion of 102% compared to the 660 million stolen in 2023, according to Chainalysis data.
But their strategy is evolving. Three weeks before this attempted intrusion, CZ had already sounded the alarm about a new tactic: infiltration through employment.
“ They pose as job candidates at your company. This gives them a foot in the door, including job opportunities in development, security and finance. “, he warned on September 18.
The Security Alliance (SEAL) organization has even compiled a directory of 60 North Korean agents operating under false identities to infiltrate American crypto platforms.
There is no shortage of concrete examples. In June, four North Korean agents disguised as freelance developers managed to steal $900,000 from several crypto startups. Coinbase also suffered a data breach in May, exposing the information of less than 1% of its users but potentially resulting in $400 million in refund fees.
Faced with this escalation, cybersecurity experts are calling for an urgent response. They recommend implementing dual-authentication wallet management systems and real-time AI threat monitoring.
The crypto industry now has to deal with adversaries with almost unlimited state resources. Meanwhile, CZ continues its activities with YZi Labs, which just announced a billion-dollar fund to support BNB Chain developers.
Maximize your Tremplin.io experience with our 'Read to Earn' program! For every article you read, earn points and access exclusive rewards. Sign up now and start earning benefits.
