U.S. government warns North Korean hackers are targeting crypto firms

The report identified the malicious North Korean groups, Lazarus Group , APT38, BlueNorOff y Stardust Chollima and warned about phishing attacks against the crypto industry.

***

Companies in the crypto space could be under cyber threat from North Korean hackers, according to a U.S. government advisory.

On Monday, three U.S. government agencies jointly issued a warning about the threat posed by cyber tactics used by hacker groups believed to be sponsored by the North Korean state . The warning states that malicious actors would be specifically targeting cryptocurrency companies.

The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security the term securities refers to a fungible and tradable financial instrument that carries a type of monetary value. Agency (CISA), and the Department of the Treasury published the announcement on CISA’s official website. The notice reads:

The U.S. government has observed North Korean cyber actors targeting a variety of organizations in the Blockchain a distributed ledger system. A sequence of blocks, or units of digital information, stored consecutively in a public database. The basis for cryptocurrencies. technology and cryptocurrency cryptocurrencies are digital currencies that use cryptographic technologies to secure their operation. industry.

Hackers North Koreans go after cryptocurrencies

El informe cita varias target areas for attackers within the cryptocurrency industry, including “ cryptocurrency exchanges, decentralized decentralization refers to the property of a system in which nodes or actors work in concert in a distributed fashion to achieve a common goal. finance protocols (DeFi), cryptocurrency video games to play to win, cryptocurrency trading companies, venture capital capital is most commonly defined as the large sum of money you would use to invest. funds investing in cryptocurrencies, and individual holders of large amounts of cryptocurrencies or valuable non-fungible tokens (NFT) “.

The agencies also mentioned the piracy groups that have been identified: Lazarus Group ,APT38, BlueNorOff y Stardust Chollima. According to the report, the attacks targeted by these organizations present what is called an advanced persistent threat (APT). The term refers to a type of cybersecurity threat in which malicious actors can gain authorized access to computer systems undetected for long a situation where you buy a cryptocurrency with the expectation of selling it at a higher price for profit later. periods of time.

The advisory also addresses tactics often used by such hackers. These include campaigns phishing when a scammer pretends to be a trusted institution or person to trick people into revealing sensitive information such as Social Security numbers, passwords, banking details, etc., often through a malware link disguised as legitimate. and social engineering with the aim of deploying malicious applications that contain malware malware or malicious software refers to harmful programs utilized by bad actors to illegally access and/or compromise a computer, network or server. Trojan. He adds that these campaigns are usually spread a price difference between asking and selling prices of the asset. via email sent to employees of cryptographic companies.

The U.S. agencies also indicated that the aforementioned groups have already hacked into several companies in the sector. They have found, for example, that Lazarus Group has used trojanized cryptocurrency applications from AppleJeus to spread malware which facilitates the theft of digital digital technologies are these electronic tools that have the ability to generate, store or even process data. assets.

As of April 2022, North Korean Lazarus Group actors have targeted several companies, entities, and exchanges in the Blockchain and cryptocurrency industry using spear phishing campaigns and malware to steal cryptocurrencies.

Lazarus Group attacked the network ofAxie Infinity

The warning anticipates that North Korean hackers are likely to continue “explotando las vulnerabilidades de las empresas de tecnología de criptomonedas“and lists some security procedures that firms and employees can take to avoid falling victim to attacks.

The U.S. government’s warning comes just days after the U.S. Treasury Department’s be identified to Lazarus as responsible for the attack of more than $600 million to Ronin Network a network refers to all nodes in the operation of a blockchain at any given moment in time. the network of the popular gameAxie Infinity. However, this is not the first time the hacker group has been involved in theft and hacking hacking is the process of using a computer to manipulate another computer or computer system in an unauthorized fashion. attacks on crypto projects.

As you recalled The Block a file containing information on transactions completed during a given time period. Blocks are the constituent parts of a blockchain.in a informe January 2022 the blockchain analytics company Chainalysis noted that Lazarus Group was involved in an attack on the cryptocurrency exchange businesses that allow customers to trade cryptocurrencies for fiat money or other cryptocurrencies. Kucoin in 2020 and another to an undisclosed exchange in 2018. The two attacks generated revenue to Lazarus of more than $500 million. The organization has also targeted other U.S. companies including Sony Pictures in 2014.

El aviso también coincide con las observaciones del founder of DeFiance Capital, Arthur Cheong, who warned on a ” campaña organizada para apuntar a todas las organizaciones prominentes en el espacio criptográfico ” led by BlueNorOff . Cheong, who recently lost USD $1.7 million in NFT non-fungible tokens (NFTs) are cryptocurrencies that do not possess the property of fungibility. and cryptocurrencies in a cyberattack on his home. phishing he wrote in a tweet :

It is critical for this industry to be very aware that we are under active attack by a state-sponsored [North Korean] cybercrime organization that is extremely resourceful and sophisticated.

1/ Based on our research and conversation with leading cyber security experts, we believe BlueNorOff are running an organized campaign to target all the prominent organizations in the crypto space.

– Arthur ????⛩️???????? (@Arthur_0x) April 15, 2022