Lazarus Group Strikes Again: $23M Heist from UK Crypto Firm Lykke Exposes Security Flaws
North Korea's infamous Lazarus Group has reportedly looted $23 million from British crypto startup Lykke—another reminder that in crypto, your keys aren’t just your coins, they’re a hacker’s lunch money.
How they did it: While Lykke hasn’t disclosed specifics, the breach follows Lazarus’ signature playbook: phishing, zero-day exploits, or good old-fashioned social engineering. The group’s hauled over $3 billion from crypto projects since 2017, per Chainalysis.
Why Lykke? The Switzerland-based exchange flew under the radar after pivoting from its 2016 ICO heyday. Light security on low-profile targets is Lazarus’ sweet spot—like stealing from a parked Lambo with the keys in the ignition.
The fallout: Lykke’s team claims ‘no customer funds affected’ (classic PR spin), but the theft underscores an ugly truth: Crypto’s ‘self-custody’ mantra works until you forget to lock the back door.
One cynical take: Another day, another crypto firm learning the hard way that ‘decentralized’ doesn’t mean ‘unhackable’—especially when state-sponsored hackers treat your treasury like an ATM.
Lazarus Group’s Biggest Known Crypto Heist Targeting the UK
If reports are confirmed, the heist would become North Korea’s biggest crypto fraud targeting Britain. The Lazarus hackers have so far succeeded in the largest $1.5 billion heist connected to crypto exchange ByBit this year.
Further, cybersecurity experts from Cyvers have also linked the Lazarus Group to the July 19 hack on the Indian crypto exchange CoinDCX, compromising $44 million.
The stolen funds from these heists are suspected to be part of Pyongyang’s broader efforts to fund its nuclear weapons and military programs, with billions already funnelled through previous crypto raids.
Crypto Fraud Detection Whitestream Blames North Korean Cyber Gang
An Israeli crypto investigation firm, Whitestream, has confirmed Lazarus’ involvement in Lykke’s heist, besides the UK Treasury arm’s investigation.
Investigators noted that attackers had laundered the stolen funds through two other cryptocurrency companies, avoiding money-laundering controls.
However, other researchers have denied the conclusions, stressing that it is too early to jump to blaming Lazarus.
Founded in 2015, Lykke operated from Switzerland but was registered in the UK. The platform offered cryptocurrency trading without transaction fees.
In 2023, the UK’s FCA issued a warning about Lykke over its unregistered offering of crypto products to Brits.
