Hacking groups from North Korea are working hard to use malware to get access to cryptocurrency platforms and businesses in order to steal money. The main targets are cryptocurrency exchanges, decentralised finance (DeFi) platforms, and businesses associated with bitcoin exchange-traded funds (ETFs), according to a recent FBI warning released on Tuesday.
Hackers Posing as Real Individuals or Businesses
These hackers have reportedly been researching their targets for several months, according to the FBI. One popular strategy used by scammers to win over their victims is to pose as trustworthy people or businesses. Once the victim’s trust has been gained, they send malicious files or links that look legitimate in order to access the victim’s computer.
Making Use of Social Media to Increase Credibility
Social media platforms and the content they put on are frequently used by scammers to trick victims into believing they are real. They might pretend to be recruiters presenting alluring employment openings or tempting investment prospects. These offerings, however, are false; they make unrealistically high promises. The final goal is to defraud people of their bitcoin and take it from their present employment.
Harmful Downloads and Phishing Websites
Some cybercriminals even go so far as to create websites that appear authentic in order to support their fictitious identities or businesses. Workers in the cryptocurrency industry have been reported to be asked to download apps or run scripts on company-owned devices or devices linked to the company’s network. They occasionally ask victims to complete fictitious “pre-employment tests” in an attempt to deceive them into downloading and installing dangerous programs, files, or scripts. According to the FBI research, unexpected downloads, links, attachments, or programs are frequently used in these kinds of assaults.
Experts in Cybersecurity Are Vulnerable
The FBI warns that North Korea’s widespread and persistent hostile actions can affect even those who are well-versed in cybersecurity procedures. They represent a serious concern due to their unrelenting attempts to breach networks connected to cryptocurrency assets.
Why Hackers Are Attracted to Cryptocurrency
Because transactions using cryptocurrency cannot be easily reversed once funds have been stolen, hackers find it extremely appealing. It is impossible to do chargebacks, difficult to intercept stolen assets, and difficult to follow cryptocurrencies between digital wallets. Hackers frequently employ “mixers,” like the US-approved Tornado Cash, to obfuscate the flow of money they have stolen, making it more difficult for law enforcement to find the culprits and follow wallet movements.
The History of North Korean Hackers in the Crypto Sector
For years, North Korean hackers—particularly the infamous Lazarus Group—have made the cryptocurrency sector their top priority. The gang has been connected to multiple high-profile hacks, such as the Sony hack in 2014, the $100 million Harmony blockchain attack, and the $622 million Ronin blockchain attack in 2022. Lazarus was recently charged with taking advantage of a Windows zero-day vulnerability that was fixed.
