On September 3rd, the FBI issued a crucial alert to employees of digital asset companies, warning about a sophisticated new cyber threat originating from North Korea. This latest advisory highlights a series of targeted attacks aimed at the decentralized finance (DeFi) and cryptocurrency sectors, marking an escalation in cyber threats from North Korean hackers.
North Korean Cyber Attacks on Digital Asset Firms
The FBI’s alert details that North Korean cybercriminals are actively targeting staff members at DeFi and cryptocurrency companies. These attackers are leveraging advanced social engineering tactics designed to compromise and steal funds from their victims.
According to the agency, the cybercriminals have conducted extensive research on firms involved with cryptocurrency-linked exchange-traded funds (ETFs). Their schemes involve deceptive practices such as fabricating job offers or investment opportunities and posing as influential figures in the industry.
How the Scam Works
The FBI’s press release elaborates on the mechanics of these attacks. The North Korean hackers use counterfeit job offers or investment schemes to lure employees into their trap. Often, they direct their targets to download seemingly legitimate files or complete a "pre-employment test," which, in reality, is designed to install malware on the victim’s device.
The press release states, “The actors usually attempt to initiate prolonged conversations with prospective victims to build rapport and deliver malware in situations that may appear natural and non-alerting.” This method is intended to lower the victim's defenses and increase the likelihood of successful infiltration.
A Pattern of Cyber Attacks
This alert comes on the heels of previous incidents linked to North Korean cybercriminals. Recently, WazirX suffered a massive breach involving $235 million, which was suspected to be orchestrated by North Korean hackers. Additionally, on August 22, 2023, the FBI issued a warning about $40 million worth of stolen crypto tokens associated with North Korean hackers.
The FBI reported that the Lazarus Group, a notorious hacker collective tied to North Korea’s TraderTraitor network, had moved approximately 1,580 Bitcoin to various addresses. This incident underscores the growing threat of crypto-related scams and hacks.
Increasing Frequency of Hacks
The frequency and severity of such attacks have been corroborated by blockchain security firm Peckshield. The firm reported over 10 significant hacks in August alone, resulting in losses amounting to $313.86 million. Notably, phishing attacks were a major factor, with the two largest hacks, involving unauthorized Bitcoin transfers, accounting for 93.5% of the stolen funds—totaling $293.4 million.
Peckshield’s report highlights that phishing attacks, particularly those targeting Bitcoin (BTC) and the decentralized stablecoin Dai (DAI), have been primary contributors to these substantial financial losses.
Looking Ahead
The FBI’s alert serves as a stark reminder of the evolving and increasingly sophisticated nature of cyber threats in the digital asset space. As North Korean cybercriminals continue to refine their tactics, digital asset companies must remain vigilant and enhance their security measures to protect against these advanced social engineering schemes. The growing trend of cyberattacks in the cryptocurrency sector underscores the need for heightened awareness and robust defenses against such threats.
September 2024, Cryptoniteuae