Newsinterpretation

Lazarus Rises Again: $4.2 Million Crypto Stolen in NFT Scam and Solana-to-Ethereum Swindle

North Korea’s hacking team, known as the Lazarus Group, has struck again—this time stealing a shocking $3.2 million in digital money. The scam took place on May 16, when a user lost millions of dollars through a carefully planned trap set by these cybercriminals.

The Multi Million Dollar Crypto Trap

Right after the money was stolen, the hackers turned the stolen coins from Solana into Ethereum, another type of cryptocurrency. Then, they used a secretive online tool called Tornado Cash to hide their tracks. Tornado Cash helps people move money around in a way that makes it hard to follow, almost like shaking up a puzzle so no one can tell where each piece came from.

At the time the scam was reported, around $1.25 million of the stolen money was still sitting in a special digital wallet. This wallet held two types of cryptocurrency: DAI and ETH. Investigators are still watching this wallet, hoping it might lead to more clues.

More Attacks Linked to Lazarus Group

This scam isn’t the only one. Just days before it was revealed, another big attack shocked the crypto world. On June 27, investigators discovered that the same lazarus group had carried out a sneaky hack involving digital artwork known as NFTs. These digital collectibles are like virtual trading cards that people buy and sell online.

The hackers targeted NFT projects tied to popular characters and brands. They began this attack on June 18 and were able to sneak into several NFT projects. Once inside, they took control of the digital artwork contracts. That means they could create fake versions of the NFTs and sell them like they were real.

Cyberattack Exposes Melbourne Hospital Patients Data on Dark Web

By doing this, they tricked people into buying fake NFTs. Almost $1 million was stolen by them from one attack alone. The money from these fake sales was then sent through three different digital wallets. This made it harder for anyone to track where the money went.

Later, some of the stolen funds were changed into more stable types of digital currency, called stablecoins. The hackers then moved this money to a well-known trading website called MEXC. This helped them hide the money even better.

Clues Point to North Korean Hackers

As experts dug deeper into the case, they noticed some clear signs linking the crime to North Korea. First, the pattern of the stolen money being moved matched earlier hacks carried out by the Lazarus Group. The way the money was split up, transferred, and turned into other types of digital currency looked very familiar.

Second, some of the online accounts used by the hackers had Korean settings and were active during times that lined up with North Korea’s time zone. This suggested that the people behind the scam were working from that region.

Hackers Steal Digital Gold Worth ₹1.95 Crore on Aditya Birla’s Finserv App

One of the NFT projects even had a top team member who is now believed to be a North Korean tech worker. His online profiles disappeared right after the scam, and no one has been able to confirm if his work history was real. These are common tactics used by cybercriminals to hide their true identity.

What’s more, this isn’t an isolated case. Over the past year, North Korea-linked hackers have stolen nearly $1.6 billion in cryptocurrency. That’s almost 70% of all the crypto thefts reported worldwide in 2025 so far. The Lazarus Group, in particular, has become one of the most dangerous players in the world of cybercrime, especially in the digital money space.

Renuka Bangale
Renuka is a distinguished Chartered Accountant and a Certified Digital Threats Analyst from Riskpro, renowned for her expertise in cybersecurity. With a deep understanding of cybercrimes, malware, cyber warfare, and espionage, she has established herself as an authority in the field. Renuka combines her financial acumen with advanced knowledge of digital threats to provide unparalleled insights into the evolving landscape of information security. Her analytical prowess enables her to dissect complex cyber incidents, offering clarity on risks and mitigation strategies. As a key contributor to Newsinterpretation’s information security category, Renuka delivers authoritative articles that educate and inform readers about emerging threats and best practices.

TOP 10 TRENDING ON NEWSINTERPRETATION

PDF Phishing Hits Hard as Cybercriminals Imitate Big Tech Brands like Microsoft, Adobe and more

Cybercriminals are now using a new and dangerous trick...

Alarming macOS Malware Uses Sneaky Tricks to Steal Keychain Passwords

A new malware called NimDoor is making waves in...

🛑 Sanctions Slam Aeza! U.S. and UK Team Up to Shut Down Russia’s Ransomware Powerhouse

The United States has announced tough new sanctions against...

🔍 Double espionage crisis: Iran hacks emails, China targets U.S. troops

The United States is facing new spying threats from...

Cloudflare’s Power Move Against Exploitation: Launches New Tool to Monetize AI Bot Access

Cloudflare, a major internet company, has launched a brand-new...

✈️ Skyjacked: Qantas Confirms Cyberattack Exposing Data of 6 Million Flyers

Qantas, Australia's biggest airline, has confirmed a serious cyberattack...

Sarcoma Ransomware Attack Exposes 1.3TB of Swiss Govt. Files

What Happened in Switzerland? A large cyberattack has hit Switzerland....

🌐 Spy Games in The Hague? ICC Targeted Again as Cyber Intrusions Escalate

The International Criminal Court (ICC), which investigates serious global...

“Gemini AI Is Watching—Even When You Say No”: Google Update Sparks Privacy Panic

In July, 2025, Google rolled out a big change...

🔍 Double espionage crisis: Iran hacks emails, China targets U.S. troops

The United States is facing new spying threats from...

Cloudflare’s Power Move Against Exploitation: Launches New Tool to Monetize AI Bot Access

Cloudflare, a major internet company, has launched a brand-new...

✈️ Skyjacked: Qantas Confirms Cyberattack Exposing Data of 6 Million Flyers

Qantas, Australia's biggest airline, has confirmed a serious cyberattack...

Sarcoma Ransomware Attack Exposes 1.3TB of Swiss Govt. Files

What Happened in Switzerland? A large cyberattack has hit Switzerland....
error: Content is protected !!
Exit mobile version