Leading American agencies, including the FBI, the Cybersecurity and Infrastructure Security Agency (CISA), and the Treasury Department, alerted that North Korean-sponsored hackers seek to exploit crypto firms and exchanges in the USA. The wrongdoers’ main goal is to “generate and launder funds” to support the totalitarian regime in the East Asian country.
Beware of North Korean-Backed Hackers
In a joint advisory, the US agencies evidențiat the cyber threat “associated with cryptocurrency thefts and tactics” employed by North Korean-related gangs that started operating in 2020. The most notorious such groups, according to the FBI, the CICA, and the Treasury Department, include “Lazarus,” “APT38, ”Stardust Chollima,” and “BlueNoroff.”
“The US government has observed North Korean cyber actors targeting a variety of organizations in the blockchain technology and cryptocurrency industry, including cryptocurrency exchanges, decentralized finance (DeFi) protocols, play-to-earn cryptocurrency video games, cryptocurrency trading companies, venture capital funds investing in cryptocurrency, and individual holders of large amounts of cryptocurrency or valuable non-fungible tokens (NFTs),” the agencies warned.
The most employed method that the criminal groups use is social engagement with the victims. They encourage individuals to download trojanized digital asset applications on Windows or macOS operating systems. Then, the hackers use the apps to gain access to the victims’ devices to steal private keys or exploit other security gaps.
The advisory predicted that the criminals will likely continue attacking US crypto firms as the stolen funds will solidify Kim Jong-un’s dictatorship regime in North Korea.
To reduce such cases in the future, the American agencies recommended companies and individuals follow several safety measures. Consumers should use network segmentation to separate networks into zones based on roles and requirements. They should also monitor for any malicious attacks on the Internet.
Since North Korean hackers target user credentials, email, social media, and private business accounts, people should change their passwords frequently, the advisory advised.
Avertismentul precedent
Earlier this year, the Center for a New American Security (CNAS) alertat that North Korea’s most infamous cybercrime organization – the Lazarus Group – has transformed from a “rogue team of hackers to a masterful army of cybercriminals and foreign affiliates.” They steal hundreds of millions of dollars worth of digital assets and use a wide range of sophisticated techniques:
„Această intruziune majoră a inclus o gamă de tehnici sofisticate de hacking și spălare, inclusiv un serviciu profesional de mixare și utilizarea de noi platforme DeFi în încercarea de a înfunda activitatea.”
The CNAS noted that the Lazarus Group furat approximately $300 million worth of crypto in 2020 from the Singapore-based exchange KuCoin.
On another note, North Korean hackers collectively șutit almost $400 million in digital assets in 2021 after breaching the defense of exchanges and investment firms.
Most recently, the FBI indicată that the Lazarus Group is behind the massive Ronin breach, in which the perpetrators stole over $600 million worth of digital assets.
Binance gratuit 100 USD (exclusiv): Utilizați acest link pentru a vă înregistra și a primi 100 USD gratuit și 10% reducere la taxe la Binance Futures prima lună (termeni).
Ofertă specială PrimeXBT: Utilizați acest link pentru a vă înregistra și introduce codul POTATO50 pentru a primi până la 7,000 USD din depozitele dvs.
Source: https://cryptopotato.com/fbi-us-treasury-department-warn-about-north-korean-backed-crypto-hackers/