N. Korea’s ‘Aggressive’ Cyber Attacks on Crypto Industry Revealed

The Federal Bureau of Investigation (FBI) in the United States has released a document warning the public about “aggressive” cyber attacks from North Korean hackers targeting the cryptocurrency sector and companies involved in digital asset investment.

As detailed in the report, these attacks primarily utilize advanced social engineering techniques that even those working in crypto and familiar with cybersecurity may fall prey to.

North Korean Hackers Targeting Crypto Companies

These social engineering schemes are typically intricate, sophisticated, and often hard to detect. The hackers have researched various targets engaged in or linked to the cryptocurrency sector. The FBI noted preparatory activities indicating that these malicious actors might try to launch cyber attacks against these firms via their staff.

“The FBI underscores that for organizations involved in or connected to the cryptocurrency industry, North Korea utilizes advanced strategies to expropriate cryptocurrency funds and presents an ongoing threat to firms possessing substantial quantities of cryptocurrency-related assets or products,” stated the U.S. agency.

Prior to attempting unauthorized access to corporate networks and devices through staff, these groups of North Korean hackers scout for potential victims on social media, especially on professional networking and job-related platforms.

The attackers craft personalized narratives, using details about the target’s background, job, or business interests to devise tailored fictional situations, such as new job offers or corporate investment opportunities. They ensure these narratives are particularly enticing to the targeted individuals.

Phony Impressions and “Routine” Requests

Once the malicious actors make contact with their targets, they work to cultivate rapport to foster familiarity, trust, and a sense of authenticity. They then strike when the victims are unsuspecting or in seemingly harmless scenarios, delivering malware to their gadgets or company networks.

These innocuous scenarios might involve requests to enable video call functions allegedly hindered by the victim’s location, prompts to download software or run code on company devices or networks, invitations to carry out pre-employment assessments and debugging tasks, and pressure to utilize custom software for straightforward duties.

The attackers also impersonate prominent individuals, tech professionals, and recruiters on professional networking sites.

“To bolster the reliability of their impersonations, the actors utilize realistic visuals, including images pilfered from publicly available social media profiles of the impersonated party. They may also deploy fictitious images from urgent events to provoke immediate responses from intended victims,” the agency noted.

The FBI has urged cryptocurrency firms to stay vigilant and for affected parties to take appropriate measures to address the issues before they lead to serious repercussions.