North Korean Hacking Groups Now Targeting Crypto Platforms, US Government Warns
On April 18, 2022, the United States government, through the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the United States Treasury, advised cryptocurrency companies based in the U.S. to beef up their security systems and protect their platforms against potential attacks from North Korean hackers.
Security Alert
The CISA issued the warning on its official website on Monday. The U.S. federal agency, which is an arm of the U.S. Department of Homeland Security, is tasked with the responsibility of seeing to the day-to-day security of all cyber-related issues that might affect American residents as well as those in the diaspora.
The agency, via the report, stated that the North Korean government under Kim Jong-un is believed to have sponsored a group of hackers with the sole aim of breaking into the systems of U.S.-based blockchain-focused businesses.
The main groups fingered in the report include Stardust Chollima, APT38, BlueNoroff, and Lazarus.
The groups are said to be highly sophisticated and are categorized by the agency as an Advanced Persistent Threat, which simply means they are capable of gaining unauthorized access to their victims’ computer systems for long periods while remaining in stealth mode.
North Korean hackers are notorious for a wide range of cybercrimes, including information theft, crypto-asset theft, and more.
DeFi Protocols in Danger
Per the announcement by the agency, decentralized finance (DeFi) protocols, play-to-earn gaming metaverses, venture capital firms, and bitcoin (BTC) trading venues are currently on the radar of these bad actors.
Furthermore, the latest report has hinted that if the operation is successful, the laundered funds will be used to fund the regime and the lifestyle of its 38-year-old leader.
The agency further explained that the recent alert is not the first, as several attempts have been made to steal crypto assets in the past.
Techniques such as phishing campaigns and social engineering, with the main goal of deploying dangerous applications containing trojan malware, have been used in the past.
These malicious applications, popularly called ‘TraderTraitor’, are delivered through phishing emails sent to employees who work in crypto companies, luring them into the snare with fake high-paying job offers.
The CISA has urged crypto market participants to implement extra security measures to protect their assets and information, while also avoiding suspicious business deals that might make them vulnerable to such attacks.
The Democratic People’s Republic of Korea, popularly called North Korea, has been engaged in cyber warfare with Western countries for a while, and one of its major assets is the hacking organization known as Lazarus Group.
The group is a state-owned hacking organization that has successfully stolen hundreds of millions of dollars from unsuspecting crypto firms in the past.
As reported by crypto.news in 2017, Lazarus stole over half a billion dollars from the crypto industry.