While not much is known about the Lazarus Group, researchers have attributed numerous cyber attacks to it over the past decade, as well as ties to Russia. The Lazarus Group (also known as the Guardians of Peace or the Whois Team) is a cybercriminal group with an unknown number of hackers. One of the earliest attacks is known as “Operation Troy”, which took place from 2009 to 2012. In 2014, Lazarus attacked Sony Pictures Entertainment and stole over 276 thousand company files, which immediately appeared on WikiLeaks. The stolen documents reveal the company’s immediate plans, the actors’ fees and working conditions, and most importantly, shed light on how Sony lobbies its interests in the government. Kaspersky Lab reported in 2017 that Lazarus tended to focus on espionage and cyberattacks while a subgroup within their organization. Kaspersky called it Bluenoroff.

In February 2017, North Korean hackers stole $7 million from the South Korean exchange Bithumb. Youbit, another South Korean crypto platform, filed for bankruptcy in December 2017 after 17% of its assets were stolen in cyber attacks. Since the beginning of 2021, Lazarus has also begun to carry out attacks on cybersecurity researchers and has increased its activity in decentralized finance.

One of the largest crypto hacks of all time occurred in 2022, when crypto gaming company Axie Infinity lost $620 million in cryptocurrency. Authorities later said North Korean cybercriminals linked to the Lazarus Group were behind the massive theft. Analysts also believe that the Lazarus Group is responsible for hacks of other crypto companies, including Ronin sidechain, Atomic Wallet, Alphapo platform, and Horizon cross-chain bridge.
Full study: Lazarus Group: hackers from a country with no internet threaten Defi.