US cybersecurity firm Recorded Future has released a new report linking Lazarus, a North Korean hacking group, to various South Korean cryptocurrency exchange hacking attacks and security breaches. "North Korean government actors, specifically Lazarus Group, continued to target South Korean cryptocurrency exchanges and users in late 2017, before Kim Jong Un's New Year's speech and subsequent North-South dialogue. The malware employed shared code with Destover malware, which was used against Sony Pictures Entertainment in 2014 and the first WannaCry victim in February 2017," the report read.$7 mln stolen from BithumbIn February 2017, Bithumb, the second largest cryptocurrency exchange in the global market by daily trading volume, fell victim to a security breach that led to the loss of around $7 mln of user funds, mostly in Bitcoin and Ethereum's native cryptocurrency Ether. "By 2017, North Korean actors had jumped on the cryptocurrency bandwagon. The first known North Korean cryptocurrency operation occurred in February 2017, with the theft of $7 mln in cryptocurrency from South Korean exchange Bithumb. By the end of 2017, several researchers had reported additional spear phishing campaigns against South Korean cryptocurrency exchanges, numerous successful thefts, and even Bitcoin and Monero mining," Insikt Group researchers wrote. Motivation of North Korean hackersPrior to the release of Recorded Future's report, several other cybersecurity firms had accused North Korean hacking groups of targeting South Korean cryptocurrency trading platforms with sophisticated malware and phishing attack tools.