AhnLab: Lazarus spear‑phishing na join wit di $1.4B Bybit heist, AI go boost phishing for 2026

Cybersecurity firm AhnLab tok say Lazarus Group wey get link to North Korea don dey use targeted spear‑phishing for the past year take chop crypto credentials, deploy malware and carry big thefts — including one wey dem estimate na $1.4 billion wey involve Bybit and other breaches like $30 million Upbit loss. Di attackers dem dey pose as lecturers, interviewers or other trusted contacts to make victims run bad code or give up credentials. AhnLab find say Lazarus appear for 31 post‑incident analyses from Oct 2024–Sep 2025 and dem attribute over $1.43 billion crypto thefts to the group for that period. Di firm warn say for 2026 attackers go dey use AI more — like deepfakes, automated phishing content and polymorphic malware — to make spear‑phishing more convincing and to dodge detection. Recommended mitigations for exchanges, custodians and traders include multi‑layered defenses: regular audits and patching, staff phishing training, multifactor and biometric authentication, VPNs, careful handling of links/attachments, stronger anomaly detection, and verifying communications through independent channels. For traders, immediate actions be: harden account access (MFA, hardware keys), reduce custodial risk where fit, verify any unusual requests off‑channel, and monitor counterparty health — cus successful breaches fit cause short‑term liquidity shocks or volatility around affected venues.