Government-Supported Hackers Target CZ’s Google Account
Binance's co-founder Changpeng Zhao warns about government-backed cyber threats, particularly from North Korea's notorious Lazarus Group.
Hackers recently attempted to breach the Google account of Binance’s co-founder, Changpeng “CZ” Zhao, indicating a rising threat from state-sponsored hacker groups, especially the infamous North Korean Lazarus Group.
“Government-backed attackers” aimed to steal Zhao’s password, as highlighted in a Google alert shared by him, suggesting the involvement of North Korea’s Lazarus Group. Zhao mentioned, “I receive this warning from Google occasionally. Can anyone tell me what this means? North Korea Lazarus? Not that my account includes anything significant.”
The Lazarus Group is believed to be responsible for some of the most impactful cryptocurrency thefts, including the $1.4 billion hack of Bybit, which is the largest in the industry to date, occurring on February 21.
Source: Changpeng Zhao
U.S. intelligence agencies have identified a “sophisticated network of agents posing as remote IT workers, funneling significant funds back to Pyongyang,” according to Anndy Lian, an author and intergovernmental blockchain adviser. Lian reported that a government official received a similar alert, indicating that hackers were also trying to compromise his account.
“They attempted to reach out to Google for additional details, but their requests were refused for security reasons,” Lian added.
On September 18, Zhao had earlier alerted about the increasing danger posed by North Korean hackers seeking to penetrate crypto companies under false pretenses or bribery.
He noted, “They apply for jobs as candidates to gain employment in your enterprise. This offers them a ‘foot in the door,’ especially for roles in development, security, and finance.”
His advisory came as a group of ethical hackers, identified as Security Alliance (SEAL), cataloged profiles of at least 60 North Korean agents masquerading as IT professionals aiming to infiltrate U.S. cryptocurrency exchanges and access sensitive client data.
Repository of 60 North Korean IT worker impersonators. Source: lazarus.group/team
With cryptocurrency organizations needing to bolster their defenses against these threats, experts recommend the implementation of dual wallet management and real-time AI monitoring solutions.
