
The Blockspace Pod: How North Korean Hackers Stole $300M+ Via Telegram w/ Taylor Monahan
CoinDesk Podcast Network
Outro
Host closes the episode, thanks Taylor, and links further resources and the Secure List article.
North Korean hackers with the Lazarus Group have stolen over $300 million with this Telegram phishing scam.
Welcome back to The Blockspace Podcast! Today, Taylor Monahan, a security lead at MetaMask, joins us to talk about a highly sophisticated $300M phishing attack linked to North Korea’s Lazarus Group. Taylor shares how the Lazarus Group hijacks Telegram accounts to lure victims into fake Zoom meetings and get them to download a Trojan horse malware program. We break down the hackers’ strategy, how the malware works, which wallet types are most vulnerable to theft, and what users can do to protect themselves, whether or not they have fallen prey to the scam. Tune in to learn how to identify these red flags and implement better digital hygiene for your crypto assets.
Check out this article for a deep dive into how the malware works; plus, follow Taylor for updates on X and keep track of Lazarus Group’s history of hacks via her GitHub.
Subscribe to the newsletter! https://newsletter.blockspacemedia.com
Notes:
* Lazarus Group stole over $300M in the last year.
* Attackers hijack Telegram accounts.
* Scammers use fake Zoom links to deploy malware.
* Malware often bypasses paid antivirus software.
* Sandbox architecture on iOS offers more safety.
* Software wallets and browser wallets are most vulnerable.
* 2FA remains critical for sensitive account access.
Timestamps:
00:00 Start
03:51 Telegram attack
11:30 2 Factor Authenticators
13:48 Losses
16:38 Calculating losses
19:08 North Korea
21:52 Malware
24:17 Malware detection
25:16 EDR
27:12 Wallets
34:21 Is verifying addresses enough?
39:28 Wallet malware design
44:11 What do they want?
54:16 Taylor stealing payloads
1:01:49 Steps to protect


