- Lazarus Group led spear phishing attacks to steal funds across multiple sectors, including cryptocurrency, over the past year.
- Spear phishing involves sending targeted fake emails that imitate trusted sources to gain access to sensitive information.
- Recommended defenses include VPN use, multifactor authentication, regular software updates, and staff education.
- Emerging technologies like AI are expected to increase the sophistication of such cyberattacks.
North Korean state-backed Hackers from the Lazarus Group primarily used spear phishing over the last year to steal money, particularly targeting cryptocurrency and financial sectors. Spear phishing is a targeted attack method using deceptive emails disguised as legitimate invitations or requests to capture sensitive data, according to AhnLab’s November 2025 report. The group was the most frequently identified Hacking entity in post-attack analyses conducted between October 2024 and September 2025.
The Lazarus Group is believed to be behind major hacks such as the $1.4 billion Bybit breach on February 21, 2025, and a $30 million exploit of South Korean exchange Upbit. Spear phishing requires attackers to research targets and impersonate trusted contacts, allowing them to steal credentials, install Malware, or access secure systems.
Cybersecurity company Kaspersky defines spear phishing as a more precise phishing technique that involves extensive attacker research, as explained on their resource page. Their recommended protections include encrypting online activity via VPNs, minimizing the sharing of personal information, verifying communications through alternate channels, and enabling multifactor or biometric authentication.
In addition to the Lazarus Group, other North Korean-linked hacking groups like Kimsuky and TA-RedAnt also contributed to cyberattack activity, with 27 and 17 disclosures respectively, per AhnLab. To reduce risks, companies are advised to implement a “multi-layered defense system” consisting of frequent security audits, up-to-date software patches, and employee training.
Individual users are encouraged to use multifactor authentication, keep security software current, avoid opening suspicious attachments or URLs, and download only from trusted sources. Looking ahead, AhnLab warns Artificial Intelligence will enable attackers to craft more convincing phishing emails and websites, use varied code to bypass detection, and increase spear phishing effectiveness through technologies such as deepfakes. The evolving threat landscape calls for heightened attention to data protection and leak prevention measures.
✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.
Previous Articles:
- Bitcoin and Ether Drop Over 3% Amid Yearn Finance Hack Panic
- Cocoon Decentralized AI Network Launches on TON Blockchain
- Metroid Prime 4 Launches This December on Switch and Switch 2
- Shiba Inu Investment Lost 26% Over One Year Ending July 2025
- S&P Downgrades Tether USDT Amid Reserve Transparency Concerns
