🚨 Lazarus Targets Solana and Exodus Wallets — Hundreds of Developers Compromised
Lazarus Group, the North Korea-linked cybercrime organization, has launched a new targeted cyberattack against users of Solana and Exodus wallets, specifically focusing on software developers.
The attackers deployed malware via fake updates and malicious libraries, infecting hundreds of developers. According to security researchers, the malware was hidden in modified open-source packages and distributed through platforms like GitHub, PyPI, and even Discord.
The objective: gain full access to crypto wallets by capturing private keys and seed phrases.
Of particular concern is Lazarus’s increasing focus on developers — using them as entry points to breach larger infrastructure targets, including exchanges and DeFi platforms. The group is employing increasingly sophisticated techniques, including social engineering and spoofed legitimate software.
Experts strongly recommend: Verifying all download sources; Avoiding unverified repositories; Using only official wallet versions; Enabling two-factor authentication.
