BitMEX uncovers holes in Lazarus Group’s operational security
The analysis by the BitMEX security researchers revealed amateur-level operational security lapses in the Lazarus Group’s hacker network.
The BitMEX crypto exchange’s security team discovered gaps in the operational security of the Lazarus Group, a North Korean (DPRK) government-sponsored cybercrime network, following a counter-operations probe into the organization, which exposed IP addresses, a database, and tracking algorithms used by the malicious group.
Security researchers for the exchange say there is a strong likelihood that at least one hacker accidentally revealed his true IP address, which showed the actual location of the hacker to be in Jiaxing, China.
Additionally, the BitMEX researchers say they were also able to gain access to an instance of the Supabase database, a platform for easily deploying databases with simple interfaces for applications, used by the hacking group.