Lazarus Group impersonates Fenbushi on LinkedIn for phishing

As a researcher with a background in cybersecurity and experience in investigating hacking groups, I find the recent activities of Lazarus Group on LinkedIn to be a serious concern. This North Korean collective’s use of social engineering tactics to impersonate executives from reputable blockchain industry companies, such as Fenbushi Capital, is a sophisticated and dangerous approach to phishing attacks.


A cybersecurity firm called SlowMist has discovered that the North Korean hacking gang, Lazarus Group, disguises itself as Fenbushi Capital executives on LinkedIn. They employ this tactic as part of an intricate plan to carry out phishing attacks within the blockchain industry.

According to SlowMist’s report, the attackers created a fake LinkedIn account under the name “Nevil Bolson” that claims to be a founding partner of Fenbushi. The profile uses an authentic image of a Fenbushi partner to boost its credibility and mislead LinkedIn users.

Alert: Be cautious of the suspected #Lazarus group, disguised as Fenbushi Capital on LinkedIn! Warning extended to @fenbushi, @SlowMist_Team, @boshen1011, and @VitalikButerin. 👇 Stay vigilant.

— 23pds (@im23pds) April 29, 2024

Lately, there has been a surge in this kind of deception, with Lazarus Group zeroing in on staff members who have experience in cryptocurrencies. The group has predominantly used social media to carry out these schemes.

SlowMist’s findings also reveal that the group has been involved in moving $12 million in Ether through Tornado Cash, a noted cryptocurrency mixer, as part of their financial maneuvers.

Lazarus targets significant decentralized finance (DeFi) projects, using the crafted identity to send malicious links disguised as legitimate business inquiries or event invitations. When clicked, these links initiate phishing attacks, posing a serious threat to data security and financial integrity in the blockchain sector.


2024-04-29 14:44