U.S. Government Issues Alert on Malicious North Korean Crypto Activity


The FBI, the U.S. Treasury Department, and Cybersecurity and Infrastructure Security Agency (CISA) have co-released a cybersecurity advisory on North Korean state-sponsored efforts targeting the blockchain and cryptocurrency industry. 

“The U.S. government has observed North Korean cyber actors targeting a variety of organizations in the blockchain technology and cryptocurrency industry,” the report reads

Track live crypto price of 10000+ coins!


The report specifically cites several target areas of the industry, including exchanges, decentralized finance (DeFi) protocols, venture capital funds, and individual holders of large amounts of crypto-related assets such as tokens or non-fungible tokens (NFTs). 

The alert also includes several mitigation strategies designed to stimy the activity led by these cyber actors.

Lazarus Group targets crypto

In the report, the U.S. government identifies a group of state-sponsored actors using tactics similar to Lazarus Group, a previously identified and infamous North Korean hacker organization. 

These tactics include uploading malware software on victims’ applications to facilitate the theft of crypto holdings. 

“As of April 2022, North Korea’s Lazarus Group actors have targeted various firms, entities, and exchanges in the blockchain and cryptocurrency industry using spearfishing campaigns and malware to steal cryptocurrency,” the report reads. 

Related:  Gala is announcing a partnership with Stick Figure Productions to distribute Four Down on the Blockchain

The advisory also references a strategy dubbed “TraderTraitor,” where intrusions begin with specific spearphishing messages sent to employees in crypto companies, often those working in IT or software development. 

These messages often mimic recruitment strategies, offering high-paying jobs to entice victims to download the malware. 

North Korean crypto ambitions

This is not the first time North Korea has been associated with illicit crypto activity. 

Last year, the United Nations released a report that found North Korea’s nuclear and ballistic missiles programs were part-financed by cryptocurrencies

Elsewhere, blockchain analytics platform Chainalysis found North Korean hackers stole almost $400 million in Bitcoin and Ethereum in 2021. 

The U.S. treasury recently connected North Korean hackers to the $622 million Axie Infinity exploit that targeted the cryptocurrency video game’s Ethereum sidechain, the Ronin network.

The best of Decrypt straight to your inbox.

Get the top stories curated daily, weekly roundups & deep dives straight to your inbox.


Download MAXBIT Android App, Your best source of all crypto news!

Google Play

Source link

Share this article: