September 3rd saw the issuance of a crucial alert by the FBI to personnel in digital asset organizations cautioning them about an advanced cyber danger posed by North Korea.
Caution from FBI Regarding North Korea’s Campaigns on Cryptocurrencies
It was disclosed that cybercriminals from North Korea are focusing on employees in decentralized finance (DeFi) and cryptocurrency companies.
These malefactors are employing social engineering tactics to purloin funds efficiently.
The alert stressed that these aggressors have meticulously researched firms engaged with cryptocurrency-connected exchange-traded funds (ETFs).
Unveiling the Deception
The FBI’s warning outlines the North Korean cyber perpetrators’ use of deceitful methods to target workers within the digital asset industry.
Their stratagems include crafting false job prospects or investment chances and posing as renowned figures associated with specific technologies.
To advance their cause, scammers often guide victims to a “pre-employment assessment” or other seemingly authentic downloads which, in reality, are crafted to install malware.
According to a press release by the FBI,
“The actors commonly engage in prolonged dialogues with prospective victims to establish trust and distribute malware through seemingly natural and inconspicuous means.”
History Repeats Itself
This occurrence isn’t novel. A short while ago, a breach amounting to $235 million at WazirX was thought to be masterminded by North Korean hackers.
Later, on August 22, 2023, the FBI cautioned cryptocurrency companies about a case involving $40 million in stolen crypto tokens attributed to North Korean hackers.
The agency affirmed that the Lazarus Group, a notorious hacker ensemble linked to North Korea’s TraderTraitor network, has transferred around 1,580 Bitcoin to different addresses.
This situation highlights the increasing frequency of crypto-centered frauds and breaches.
Further confirmation arrived from blockchain security entity Peckshield which documented over 10 notable breaches in August solely, causing $313.86 million in damages.
“The two most substantial breaches, both tied to unauthorized transfers (#Phishing), covered 93.5% of the total stolen assets, totaling $293.4 million.”
The report accentuates that phishing assaults, especially concerning Bitcoin [BTC] and the decentralized stablecoin Dai (DAI), were the main contributors to these significant losses.