North Korean state-backed hackers, the Lazarus Group, used spear phishing attacks to steal funds in the last year, receiving the most mentions in post-hack analyses. The group is suspected in the $1.4 billion Bybit hack and the $30 million Upbit exploit. Spear phishing requires research and planning by attackers.

To protect against spear phishing, use a VPN, limit personal details online, verify email sources, and enable multifactor authentication. The Lazarus Group targeted finance, IT, and defense, with 31 disclosures between October 2024 and September 2025. AhnLab recommends a multi-layered defense system and regular security audits.

AhnLab warns that AI will make bad actors more efficient and attacks more sophisticated in 2026. Attackers can use AI to create realistic phishing websites and deepfake attacks, making it harder for victims to detect. Preventing data leaks and securing data will be crucial in the face of evolving AI technology.

Read more at Cointelegraph: North Korea Lazarus Group Tops Cyber Threats with Spear Phishing Attacks