Lazarus Group sends 400 ETH to Tornado Cash, deploys new malware
North Korean-affiliated hacking collective the Lazarus Group has been moving crypto assets using mixers following a string of high-profile hacks. On March 13, blockchain security firm CertiK alerted its X followers that it had detected a deposit of 400 ETH (ETH) worth around $750,000 to the Tornado Cash mixing service. “The fund traces to the Lazarus group’s activity on the Bitcoin network,” it noted. The North Korean hacking group was responsible for the massive Bybit exchange hack that resulted in the theft of $1.4 billion worth of crypto assets on Feb. 21. It has also been linked to the $29 million Phemex exchange hack in January and has been laundering assets ever since. Lazarus Group crypto asset movements. Source: Certik Lazarus has also been linked to some of the most notorious crypto hacking incidents, including the $600 million Ronin network hack in 2022.North Korean hackers stole over $1.3 billion worth of crypto assets in 47 incidents in 2024, more than doubling thefts in 2023, according to Chainalysis data.New Lazarus malware detectedAccording to researchers at cybersecurity firm Socket, Lazarus Group has deployed six new malicious packages to infiltrate developer environments, steal credentials, extract cryptocurrency data and install backdoors. It has targeted the Node Package Manager (NPM) ecosystem, which is a large collection of JavaScript packages and libraries.Researchers discovered malware called “BeaverTail” embedded in packages that mimic legitimate libraries using typosquatting tactics or methods used to deceive developers. “Across these packages, Lazarus uses names that closely mimic legitimate and widely trusted libraries,” they added. Related: Inside the Lazarus Group money laundering strategyThe malware also targets cryptocurrency wallets, specifically Solana and Exodus wallets, the added. Code snippet showing Solana wallet attacks. Source: SocketThe attack targets files in Google Chrome, Brave and Firefox browsers, as well as keychain data on macOS, specifically targeting developers who might unknowingly install the malicious packages.The researchers noted that attributing this attack definitively to Lazarus remains challenging; however, “the tactics, techniques, and procedures observed in this npm attack closely align with Lazarus’s known operations.” Magazine: Mystery celeb memecoin scam factory, HK firm dumps Bitcoin: Asia Express
Crypto founders report deluge of North Korean fake Zoom hacking attempts
At least three crypto founders have reported foiling an attempt from alleged North Korean hackers to steal sensitive data through fake Zoom calls over the past few days. Nick Bax, a member of the white hat hacker group the Security Alliance, said in a March 11 X post the method used by North Korean scammers had seen millions of dollars stolen from suspecting victims. Generally, the scammers will contact a target with a meeting offer or partnership, but once the call starts, they send a message feigning audio issues while a stock video of a bored venture capitalist is on the screen; they then send a link to a new call, according to Bax. Having audio issues on your Zoom call? That’s not a VC, it’s North Korean hackers. Fortunately, this founder realized what was going on.The call starts with a few “VCs” on the call. They send messages in the chat saying they can’t hear your audio, or suggesting there’s an… pic.twitter.com/ZnW8Mtof4F— Nick Bax.eth (@bax1337) March 11, 2025“It’s a fake link and instructs the target to install a patch to fix their audio/video,” Bax said. “They exploit human psychology, you think you’re meeting with important VCs and rush to fix the audio, causing you to be less careful than you usually are. Once you install the patch, you’re rekt.” The post prompted several crypto founders to detail their experiences with the scam.Giulio Xiloyannis, co-founder of the blockchain gaming Mon Protocol, said scammers tried to dupe him and the head of marketing with a meeting about a partnership opportunity. However, he was alerted to the ruse when, at the last minute, he was prompted to use a Zoom link that “pretends to not be able to read your audio to make you install malware.”“The moment I saw a Gumicryptos partner speaking and a Superstate one I realized something was off,” he said. Source: Giulio XiloyannisDavid Zhang, co-founder of US venture-backed stablecoin Stably, was also targeted. He said the scammers used his Google Meet link but then made up an excuse about an internal meeting, asking him to join that meeting instead.“The site acted like a normal Zoom call. I took the call on my tablet though, so not sure what the behavior would’ve been on desktop,” Zhang said. “It probably tried to determine the OS before prompting the user to do something, but it just wasn’t built for mobile Oses.” Source: David ZhangMelbin Thomas, founder of Devdock AI, a decentralized AI platform for Web3 projects, said he was also hit with the scam and was unsure if his tech was still at risk. “The same thing happened to me. But I didn’t give my password while the installation was happening,” he said. “Disconnected my laptop and I reset to factory settings. But transferred my files to a hard drive. I have not connected the hard drive back to my laptop. Is it still infected?” Related: Fake Zoom malware steals crypto while it’s ‘stuck’ loading, user warnsThis comes after the US, Japan and South Korea on Jan. 14 issued a joint warning against the growing threat presented by cryptocurrency hackers associated with North Korean hackers. Groups such as the Lazarus Group are prime suspects in some of the biggest cyber thefts in Web3, including the Bybit $1.4 billion hack and the $600 million Ronin network hack.The Lazarus Group has been moving crypto assets using mixers following a string of high-profile hacks, according to blockchain security firm CertiK, which detected a deposit of 400 Ether (ETH) worth around $750,000 to the Tornado Cash mixing service. Magazine: Lazarus Group’s favorite exploit revealed — Crypto hacks analysis
Hardware wallet Ledger helps competitor Trezor resolve security vulnerability
Hardware wallet providers are constantly working to improve the security of their devices, as the safety of users’ crypto assets is of utmost importance. Recently, competitor firm Ledger’s open-source research arm discovered a vulnerability in the microcontrollers of Trezor’s Safe 3 and 5 models. This flaw could potentially make the devices vulnerable to advanced attacks.
Trezor quickly took action and patched up the security flaw, as confirmed by Ledger’s chief technology officer Charles Guillemet in a recent post. Guillemet also emphasized the importance of making the entire crypto ecosystem more secure, especially as the adoption of digital assets continues to grow.
Trezor had already implemented “Secure Elements” in their devices to protect users’ PIN codes and cryptographic secrets. However, Ledger found that the microcontroller in Trezor’s two-chip design for the Safe 3 and 5 models could still be exploited. This issue has since been resolved by Trezor, though the details of the fix have not been disclosed.
Trezor has assured users that their funds remain safe and no further action is required. However, the company also acknowledged that in the world of cybersecurity, nothing is completely unbreakable. This is why they have implemented multiple layers of defense against supply chain attacks and always advise users to purchase from official sources.
It’s worth noting that Ledger has also faced security vulnerabilities in the past, with a hacker stealing $484,000 worth of crypto assets in December 2023. Another threat actor also breached Ledger’s systems and published the mailing addresses of around 270,000 customers in June 2020.
In the end, it’s crucial for hardware wallet providers to constantly improve their security measures to protect users’ assets. As the crypto industry continues to grow, it’s important for users to also take precautions and purchase from official sources to minimize the risk of potential attacks.
Nebraska governor signs bill to regulate crypto ATMs, citing growing fraud
The governor of Nebraska, Jim Pillen, has taken a stand against cryptocurrency fraud by signing legislation to regulate crypto ATMs in the state. This move comes as the United States has seen a significant increase in crypto ATM crime, with victims losing over $65 million in the first half of 2024 alone.
Governor Pillen recognizes the importance of the emerging cryptocurrency industry and has been working to make Nebraska a leader in this space. However, he also understands the need for safeguards to protect Nebraskans from falling victim to fraudulent activities.
The bipartisan legislation, known as the “Controllable Electronic Record Fraud Prevention Act,” aims to combat fraud and protect users of crypto kiosks and ATMs. It requires operators to be licensed under Nebraska’s Money Transmitters Act and registered with the Department of Banking and Finance. They must also provide quarterly reports on kiosk locations and transactions.
To further prevent fraud, the bill implements transaction limits and caps fees at 18% of the transaction value. In the event of fraud, new customers can receive a full refund, while existing customers can be refunded for associated fees. Kiosk operators must also display fraud warnings and appoint a compliance officer to enforce prevention measures.
This legislation comes after Illinois Senator Dick Durbin introduced a similar bill that led to the shutdown of over 1,200 crypto ATMs in the US. While Nebraska is supportive of the crypto industry, it has yet to join the 21 states that have proposed legislation to establish strategic crypto reserves.
Nebraska’s Department of Banking director, Kelly Lammers, emphasizes that the state is open for business in the crypto space but will closely monitor those who target its citizens using crypto ATMs for fraudulent activities.
In addition to regulating crypto ATMs, Nebraska is also considering a bill that would promote fair play for crypto mining and ownership. However, the state has not yet joined the 21 states that have proposed legislation to establish strategic crypto reserves.
As the crypto industry continues to grow, it is crucial to have measures in place to protect users from fraud. With the signing of this bill, Nebraska is taking a step in the right direction towards creating a safe and secure environment for crypto transactions.
Ripple secures Dubai license to offer crypto payments in UAE
Blockchain payment provider Ripple received full regulatory approval from the Dubai Financial Services Authority (DFSA) to offer cross-border crypto payment services in the United Arab Emirates (UAE).The company announced on March 13 that it had secured its DFSA license, allowing it to operate in the Dubai International Financial Center (DIFC), a UAE free-economic zone with its own tax policies and regulatory framework.The announcement came almost six months after the company announced its receipt of an in-principle approval of the DFSA license. On Oct. 1, 2024, Ripple revealed that it was working to become licensed by the DFSA as it aimed to roll out its digital asset infrastructure in the UAE. Enabling blockchain-based global payments for UAE businessesWith this license, Ripple can now provide its global blockchain-based payment solutions to businesses across the UAE. The company said this allows it to cater to financial institutions looking for partners to help them use digital assets in real-world applications. In a news release sent to Cointelegraph, Ripple CEO Brad Garlinghouse said the UAE is “well-placed” to benefit from tech and crypto innovation, thanks to its early leadership and supportive environment:“We are entering an unprecedented period of growth for the crypto industry, driven by greater regulatory clarity around the world and increasing institutional adoption.”Ripple also reported that it had seen increased demand across the Middle East for cross-border payments. The company said the demand was not limited to crypto-native firms but also came from traditional financial institutions. Related: UAE to introduce legal framework for DAOsRipple becomes the first crypto payment provider in the DIFCWith DFSA approval, Ripple has become the first blockchain-enabled payments provider to operate within DIFC’s free zone, according to DIFC CEO Arif Amiri.”We are thrilled that Ripple is deepening their commitment to Dubai by securing a DFSA license that makes them the first blockchain-enabled payments provider in DIFC,” he said.The license allows Ripple to tap into opportunities in the UAE and the broader MENA region, he added.Magazine: The Sandbox’s Sebastien Borget cringes at the word ‘influencer’: X Hall of Flame
Traders could be prepping to buy as USDT activity hits 6-month high
Onchain activity for Tether has hit a sixth-month high, possibly indicating traders are gearing up to jump back into the market, according to analysts. Data shared by the blockchain data platform Santiment in a March 12 X post shows Tether’s (USDT) onchain activity has been on the rise, peaking with over 143,000 wallets making transfers on March 11, the highest in six months.“When USDT & other stablecoin activity spikes during price drops, traders are preparing to buy. Added buy pressure aids in crypto prices recovering,” Santiment said.Onchain activity for Tethers USDT has spiked, reaching a sixth-month high. Source: SantimentIt comes as Bitcoin (BTC) dropped to a four-month low of $76,700 on March 11, as the wider crypto market shed even more of the gains made post-US election amid macroeconomic uncertainty and an escalating tariff war.Speaking to Cointelegraph, Vincent Liu, chief investment officer at Kronos Research, said traders often accumulate Tether during dips to position themselves for buying opportunities, adding buy pressure that can help crypto prices recover.He speculates the uptick in USDT wallet activity likely reflects traders capitalizing on recent market volatility.“Possible causes include broader economic uncertainties, crypto-specific events like regulatory developments or post-election sentiment shifts, and Tether’s role as a stable haven, making it an ideal holding for investors preparing to deploy capital strategically,” Liu said.Related: Bitcoin, crypto ‘dip buy hype’ is now at its highest level in 7 monthsLiu says the surge in USDT activity is a bullish indicator, suggesting significant buying power on the sidelines, but the crypto market’s recovery will likely depend on factors like macroeconomic conditions, regulatory clarity, and investor confidence.“However, with the inflation rate easing to 2.8% in February, lower than expected in recent CPI data, this could reduce pressure on crypto prices and signal a more favorable environment,” he said.“Additionally, the upcoming Federal Open Market Committee (FOMC) on March 18th may provide further indications on interest rates and monetary policy, potentially influencing market development and recovery,” Liu added. A key Bitcoin and crypto sentiment tracker, the Crypto Fear & Greed Index, hit its lowest score in over two years on Feb. 26 as it slipped deeper into “Extreme Fear,” reaching a score of 10.Crypto sentiment has staged a recovery since, but the index has still registered a score of 45 on March 13, still in fear territory.Tether CEO Paolo Ardoino touring the US Meanwhile, Tether CEO Paolo Ardoino is currently on a tour of the US as lawmakers move to regulate the sector. During a March 12 speech at the Cantor Fitzgerald Global Technology Conference, he said that as it stands, around 37% of USDT users are using it as a savings account to store value.“They don’t have bank accounts. The only thing that they have in their life is usually cash,” Ardoino said.“Now they finally can hold the most used and most important stable currency in the world, that is the US dollar, but they keep it in their smartphones as their savings account.”CEO of @Tether_to, @paoloardoino, speaks at Cantor’s Global Tech Conference. #CantorTechhttps://t.co/2z8d46WDMG— Cantor (@Official_Cantor) March 12, 2025At the same time, Ardoino said, Tether is acting as one of the “last strongholds for the US dollar” amid growing concerns that the US dollar could lose dominance as the world’s reserve currency and a go-to for international transactions and commodity trades.The stablecoin issuer has also been working to curb bad actors in the space, collaborating on more than 170 law enforcement operations and freezing $2.5 billion in illicit funds, according to Ardoino.Magazine: Crypto fans are obsessed with longevity and biohacking: Here’s why
ETH/BTC hits 5-year low as trader suggests rotation into stronger alts
Ethereum’s value against Bitcoin has hit its lowest level since mid-2020, with a crypto trader suggesting that it might be time to shift into higher-performing altcoins.“If still stuck on ETH, it is likely a good time to dump it to buy a higher beta altcoin,” economist and crypto trader Alex Kruger said in a March 12 X post.ETH/BTC ratio is an altcoin season indicator“If the market goes down, you’ll likely lose equally in both cases, but if it goes up, you’ll likely outperform significantly and can then swap into BTC,” Kruger opined.The ETH/BTC ratio — which shows Ether’s relative strength compared to Bitcoin — is sitting at 0.02281, its lowest level in nearly five years, according to TradingView data. Bitcoin Dominance is 0.02281 at the time of publication. Source: TradingViewBoth the leading cryptocurrencies by market cap are trading below key psychological price levels. Bitcoin is trading at $83,667 — having remained below the $100,000 level since Feb. 5 — while Ether (ETH) is at $1,907, floating below $2,000 since March 10.Meanwhile, the Crypto Fear & Greed Index, which measures overall market sentiment, read a “Fear” score of 45, up 11 points from yesterday’s score.The Crypto Fear & Greed Index is reading a “Fear” score of 45. Source: alternative.meMany in the crypto industry see the ETH/BTC ratio “bottoming out” as a sign that altcoin season could kick off. On Feb. 14, Into The Cryptoverse founder Benjamin Cowen said on X to get an altcoin season, “ETH/BTC needs to bottom and start trending higher.”Bitcoin season could dominateHowever, other indicators suggest that altcoin season may not come so soon, and Bitcoin (BTC) may continue to hold market share in the near term.CoinMarketCap’s Altcoin Season Index — which bases the performance of the top 100 altcoins relative to Bitcoin over the past 90 days — reads a score of 13 out of 100, leaning more toward Bitcoin season.Related: Crypto whale liquidated for $308M in leveraged Ether tradePseudonymous crypto trader and Pear Protocol adviser Hansolar said in a March 13 X post that it will be Bitcoin season “all year round.”The trader said altcoin season was only 16 days last year and happened when Bitcoin’s Dominance dropped from 61% on Nov. 20 to 55% on Dec. 5 before rebounding to 59% by Dec. 21.At the time of publication, Bitcoin dominance stands at 62.15%, according to TradingView.When Ether hit its all-time high of $4,800 in November 2021, Bitcoin’s dominance was approximately 42%.Magazine: Crypto fans are obsessed with longevity and biohacking: Here’s whyThis article does not contain investment advice or recommendations. Every investment and trading move involves risk, and readers should conduct their own research when making a decision.
Crypto trading volume slumps, signaling market exhaustion: Analysis
Crypto trading volumes and dwindling digital asset prices are flashing signs of trader exhaustion and potentially weaker market momentum, according to analysts. Crypto-wide trading volume has been dropping since it peaked in February amid dip-buying opportunities. According to CoinGecko data, daily trading volume hit its highest level this year in early February when it reached $440 billion. It has since sunk by 63% to $163 billion on March 12. Market data firm CoinMarketCap has slightly lower figures but they show the same trend — that volume peaked in 2025 in early March before falling back 52% to current levels. Analytics firm Santiment said on X on March 13 that this decline in volume suggests that trader enthusiasm for the asset class is diminishing.“When trading volume for major cryptocurrencies consistently drops, even during slight price recoveries, it typically points toward diminishing trader enthusiasm.”Santiment added that trader behavior “indicates a mix of exhaustion, hopelessness, and capitulation” following further market capitalization declines over the past fortnight. Declining crypto trading volume. Source: SantimentTotal market capitalization has declined almost 25% since the beginning of February, shrinking by $900 billion as the crypto market correction deepens. Those declines have accelerated over the past 10 days when markets have lost 15% as fears of a recession in the United States increased amid escalating global trade tensions.Santiment stated that traders are becoming cautious, suggesting they might not believe that the current upward price movements will last. “Essentially, reduced trading activity reflects uncertainty, as fewer traders are convinced that buying at current levels will yield profitable outcomes,” the analysts added.Weakening trading volume amid minor price bounces can serve as an “early warning sign of weakening market momentum,” Santiment reported, adding that without robust buying participation, price gains can quickly lose steam, “as there simply isn’t enough underlying support to sustain the upward trend.”“This leads to the possibility that any rebound could be temporary, with prices vulnerable to another downturn.”Related: Bitcoin high-entry buyers are driving sell pressure, price may ‘floor’ at $70KHowever, shrinking volume during minor rebounds isn’t necessarily a direct bearish signal, it said, adding that volume is a metric that measures participation from both retail and institutional traders and it needs to start rising before prices do. “To signal a healthier and more sustainable recovery, bulls generally will want to see both rising prices and rising volumes simultaneously.”Crypto market capitalization is currently around $2.8 trillion, which is where it was this time last year before seven months of consolidation followed. Meanwhile, the Crypto Fear & Greed Index remains in “fear” territory, below 50, where it has been since Feb. 21. Magazine: Mystery celeb memecoin scam factory, HK firm dumps Bitcoin: Asia Express