Lazarus Strikes: $1.4B Crypto Heist Exposed by AhnLab

Crypto News Exploits

Lazarus Group Strikes Again: $1.4 Billion Crypto Heist Exposed by AhnLab

Written by Aaron S.,

Editor-In-Chief

Last Updated: December 01, 2025

Key Takeaways

Hackers use spear-phishing emails disguised as lecture invitations or interview requests to steal credentials and install malware;
Kaspersky recommends VPNs, limited information sharing, source verification, and multifactor authentication to reduce cyber risks;
AI will soon make phishing attacks harder to detect, which will increase threats from deepfakes and sophisticated evasion techniques.

Stop overpaying - start transferring money with Ogvio. Join the waitlist & grab early Rewards NOW! 🎁

Lazarus Group Strikes Again: $1.4 Billion Crypto Heist Exposed by AhnLab

BITDEGREE IN YOUR SOCIAL FEED

An investigation by cybersecurity firm AhnLab shows that the Lazarus Group, based in North Korea, relied on spear-phishing throughout the past year to steal digital assets.

Lazarus Group is linked to major crypto-related thefts, including the $1.4 billion Bybit $2.89B hack on February 21 and a recent $30 million breach at South Korea's Upbit $1.98B on November 27.

The attacks employed emails crafted to appear as lecture invites or interview requests, a tactic AhnLab highlights in its November 26 report titled Cyber Threat Trends & 2026 Security Outlook.

What is a Bitcoin Faucet? Pros & Cons Explained (With Animations)

Did you know?

Want to get smarter & wealthier with crypto?

Subscribe - We publish new crypto explainer videos every week!

These targeted messages enabled hackers to gather credentials, install malware, or gain unauthorized access by impersonating trusted communicators.

Kaspersky advised practical steps to guard against such threats. Recommended measures include using a VPN to encrypt connections, avoiding excessive sharing of personal information online, verifying message sources through alternate channels, and enabling multifactor or biometric authentication whenever possible.

For organizations, AhnLab stressed that a multi-layered security strategy is vital. Key actions include conducting routine security audits, keeping systems fully patched, and educating staff on potential attack vectors.

AhnLab also warned that artificial intelligence (AI) will make spear phishing more potent in 2026. Attackers may use AI to craft deceptive emails and websites that are harder to recognize, and to generate modified code that can evade detection.

Fake MON token transfers appeared on Monad’s blockchain explorers two days after launch. What did CTO and co-founder, James Hunsaker, say? Read the full story.