Paul Johnson Binance co-founder Changpeng Zhao’s CZ Google account was targeted by government-backed hackers, possibly linked to North Korea’s Lazarus Group, raising alarms about renewed cyber threats across the crypto industry.
CZ Google Account Targeted by State-Backed Hackers
A new cyber threat has shaken the crypto community as the CZ Google account belonging to Binance co-founder Changpeng Zhao became the target of a government-backed hacking attempt. The warning, flagged directly by Google, indicates that organized cyber groups potentially linked to North Korea’s Lazarus Group may be escalating their attacks on prominent figures in the digital asset space.
Zhao, who is widely known for his outspoken presence on X , shared a screenshot of the Google alert, suggesting that the attack might have originated from the same hacker collective responsible for some of the largest crypto heists in history. While Zhao downplayed the incident by saying his account does not hold sensitive data, the attempt underscores how influential crypto leaders remain prime targets for state-sponsored cyber espionage.
Lazarus Group’s Long Shadow Over the Crypto Industry
The Lazarus Group has maintained a notorious presence in global cybersecurity circles for years. The group is allegedly responsible for multiple billion-dollar crypto exploits, including the historic $1.4 billion Bybit theft earlier this year. The renewed targeting of the CZ Google account suggests that Lazarus is once again ramping up efforts to infiltrate high-value individuals and organizations in the blockchain ecosystem.
Experts in blockchain intelligence note that these attacks are part of a broader North Korean campaign to acquire foreign currency and fund Pyongyang’s sanctioned programs. Reports from United States intelligence agencies have revealed that these hackers often operate under the guise of remote IT workers, embedding themselves within legitimate firms to gain access to critical internal systems.
Anndy Lian, an intergovernmental blockchain adviser, confirmed that similar warnings have reached other high-profile individuals. “Even government officials have received alerts indicating that their accounts are being targeted by government-backed hackers,” he said, emphasizing that these attempts are becoming increasingly sophisticated.
CZ Raises Red Flag on North Korean Infiltration Tactics
This latest alert involving the CZ Google account follows a string of warnings issued by Zhao over the past month about North Korean operatives impersonating crypto professionals. He has previously cautioned companies to be wary of job seekers posing as developers or security engineers. These impostors use fake resumes and identities to gain employment, only to siphon data or digital assets from within.
Zhao’s warning came just weeks after a group of ethical hackers, known as Security Alliance (SEAL), exposed a network of more than 60 North Korean agents masquerading as IT specialists. These individuals reportedly targeted crypto exchanges and Web3 startups based in the United States, attempting to breach systems and extract sensitive user data.
Recent history validates Zhao’s concern. Coinbase suffered a data breach in May that impacted less than 1% of its transacting monthly users, resulting in potential losses of up to $400 million. By June, four North Korean operatives had managed to infiltrate several crypto startups as freelance developers, collectively stealing over $900,000.
Crypto Industry Faces Record Surge in State-Backed Attacks
The attempted infiltration of the CZ Google account reflects a much larger trend. According to Chainalysis data, North Korean-linked hackers stole approximately $1.34 billion worth of cryptocurrency in 2024 alone a staggering 102% increase compared to the previous year. These attacks spanned 47 confirmed incidents, highlighting both the scale and persistence of the threat.
Cybersecurity experts urge exchanges and blockchain projects to enhance their defensive frameworks by integrating multi-signature wallets, advanced encryption, and AI-driven threat detection systems. Dual wallet management and automated behavioral analysis are increasingly seen as essential tools to combat coordinated cyber operations.
Analysts also warn that beyond direct theft, these attackers aim to compromise reputational trust in the crypto sector. By targeting leaders like Zhao and breaching major exchanges, state-backed actors hope to destabilize confidence in decentralized finance and slow the adoption of blockchain technologies worldwide.
A Call for Vigilance Across the Digital Frontier
The ongoing targeting of the CZ Google account underscores an urgent reality: even the most security-conscious leaders are not immune to government-sponsored threats. The incident serves as a wake-up call for crypto firms, developers, and investors to adopt stronger preventive measures and promote industry-wide cybersecurity awareness.
As digital asset adoption accelerates, so does the sophistication of those seeking to exploit it. In an era where a single compromised account can trigger multimillion-dollar losses, the community must remain vigilant, proactive, and unified against malicious actors operating under state direction.
Disclaimer: Parts of this article were generated with the assistance from AI tools and reviewed by our editorial team to ensure accuracy and adherence to our standards.
