Lazarus Group Linked To $750,000 Ethereum Laundering - 1

Image by Kanchanara, from Unsplash

Lazarus Group Linked To $750,000 Ethereum Laundering

  • Written by Kiara Fabbri Former Tech News Writer
  • Fact-Checked by Sarah Frazier Former Content Manager

In a Rush? Here are the Quick Facts!

  • Lazarus Group deposited 400 ETH ($750,000) into Tornado Cash on March 13.
  • The deposit connects to their previous Bitcoin network activities, indicating ongoing fund laundering.
  • Lazarus has stolen over $1.3 billion in crypto assets in 2024, double 2023’s total.

On March 13, blockchain security firm CertiK reported that the group deposited 400 Ethereum (ETH), worth around $750,000, into the Tornado Cash mixing service, a tool used to obscure the origin of crypto assets.

#CertiKInsight 🚨 We have detected deposit of 400 ETH in https://t.co/0lwPdz0OWi on Ethereum from: 0xdB31a812261d599A3fAe74Ac44b1A2d4e5d00901 0xB23D61CeE73b455536EF8F8f8A5BadDf8D5af848. The fund traces to the Lazarus group’s activity on the Bitcoin network. Stay Vigilant! pic.twitter.com/IHwFwt5uQs — CertiK Alert (@CertiKAlert) March 13, 2025

This move was linked to their previous activity on the Bitcoin network, underscoring the group’s ongoing efforts to launder funds following high-profile hacks.

The Lazarus Group is notorious for its involvement in major cryptocurrency thefts, including the $1.4 billion hack of Bybit in February 2025 and the $29 million Phemex hack in January, as noted by CoinTelegraph .

According to blockchain analytics firm Chainalysis , Lazarus has stolen over $1.3 billion in crypto assets in 2024 alone, more than doubling their 2023 thefts.

Meanwhile, cybersecurity researchers at Socket have uncovered a new wave of malicious packages targeting the npm ecosystem, used by developers to manage JavaScript libraries.

The six malicious packages, downloaded over 330 times, were found to be embedded with a form of malware known as BeaverTail. These packages mimic legitimate libraries in a deceptive tactic called typosquatting, where slight variations in names are used to trick developers into installing harmful code.

Socket’s researchers observed that the tactics, techniques, and procedures in this npm attack closely align with Lazarus’s known operations. The packages were designed to steal sensitive information, including credentials and cryptocurrency data, while also deploying backdoors into affected systems.

Specifically, they targeted files in browsers like Chrome, Brave, and Firefox, and keychain data on macOS, focusing on developers who may not notice the malware during installation.

This attack highlights Lazarus’s continued use of sophisticated infiltration methods, leveraging trusted names in the npm registry to exploit the open-source community. Despite the obfuscation techniques used, researchers were able to detect the malicious intent and flagged the packages for removal.

As Lazarus continues its cybercriminal activities, experts warn that organizations must adopt stricter security measures, such as automated auditing of code and dependency scans, to prevent similar attacks.

Estonia’s Blackwall Raises €45 Million to Enhance SMB Cybersecurity - 2

Photo by Sigmund on Unsplash

Estonia’s Blackwall Raises €45 Million to Enhance SMB Cybersecurity

  • Written by Andrea Miliani Former Tech News Expert
  • Fact-Checked by Sarah Frazier Former Content Manager

The Estonian startup Blackwall raised €45 million euros—around $49.2 million—in its latest funding round, to continue developing products to protect small and medium-sized businesses (SMBs) from malicious online threats.

In a Rush? Here are the Quick Facts!

  • Estonian cybersecurity startup Blackwall secured €45 million in a Series B funding round led by Dawn Capital.
  • The investment aims to enhance Blackwall’s AI-driven security solutions, including its flagship product, GateKeeper, to better protect SMBs from online threats.
  • Blackwall plans to use the funds to double its workforce and expand into U.S. and Asia-Pacific markets.

According to TechCrunch , the recent investment comes from a Series B round and will be destined to develop Blackwall’s technology including Gatekeeper, its flagship product—an AI-powered reverse proxy that analyzes websites’s traffic and identifies and blocks malicious requests.

Blackwall, previously known as Botguard, was founded in 2019 as a solution for the increasing cyberattacks affecting all companies and e-commerce across the globe.

“The main difference is that large enterprises typically can survive with that,” explained Blackwall’s CEO and co-founder Nikita Rozenberg. “Most of these threats can simply kill small businesses.”

The company changed its name to Blackwell—inspired by the video game Cyberpunk 2077—as its owners began to expand its services beyond attacks related to bots.

They have also partnered with hosting services providers—who also need external alliances to meet client’s needs—so that potential customers can include the cybersecurity products in their offering.

Blackwall’s growth and business strategy have gotten the interest of Dawn Capital, one of the main investors in the company.

The startup has now partnered with more than 100 companies, and its services are being used by more than 2.3 million websites and apps. With the new investment, Blackwell expects to continue its expansion to the Unites States and APAC markets and keep developing its technologies.

One of its competitors, CloudFlare, has also been developing AI-powered tools to help customers avoid AI bots.