FBI Issues Alert Concerning Malicious State-Sponsored North Korean Hackers Targeting Crypto Firms
On April 18, the Federal Bureau of Investigation (FBI), the U.S. Treasury Department, and the Cybersecurity and Infrastructure Security Agency (CISA) published a Cybersecurity Advisory (CSA) report concerning malicious North Korean state-sponsored cryptocurrency activity. According to the U.S. government, law enforcement officials have observed North Korean cyber actors targeting specific blockchain companies in the industry. FBI Alleges North Korean Hacking Activity Is on the Rise, Report Highlights Lazarus Group’s Activities
The FBI, alongside a number of U.S. agencies, published a CSA report called “North Korean State-Sponsored APT Targets Blockchain Companies.” The report details that the APT (advanced persistent threat) has been state-sponsored and active since 2020. The FBI explains that the group is commonly known as Lazarus Group, and U.S. officials accuse the cyber actors of a number of malicious hack attempts.
North Korean cyber actors target a variety of organizations such as “organizations in the blockchain technology and cryptocurrency industry, including cryptocurrency exchanges, decentralized finance (defi) protocols, play-to-earn cryptocurrency video games, cryptocurrency trading companies, venture capital funds investing in cryptocurrency, and individual holders of large amounts of cryptocurrency or valuable non-fungible tokens (NFTs).”
The FBI’s CSA report follows the recent Office of Foreign Assets Control (OFAC) update which accuses Lazarus Group and North Korean cyber actors of being involved in the Ronin bridge attack. After the OFAC update was published, the ethereum mixing project Tornado Cash revealed it was leveraging Chainalysis tools, and blocking OFAC-sanctioned ethereum addresses from using the ether mixing protocol. ‘Apple Jesus’ Malware and the ‘TraderTraitor’ Technique
According to the FBI, Lazarus Group leveraged malicious malware called “Apple Jesus,” which trojanizes cryptocurrency companies.
“As of April 2022, North Korea’s Lazarus Group actors have targeted various firms, entities, and exchanges in the blockchain and cryptocurrency industry using spearphishing campaigns and malware to steal cryptocurrency,” the CSA report highlights. “These actors will likely continue exploiting vulnerabilities of cryptocurrency technology firms, gaming companies, and exchanges to generate and launder funds to support the North Korean regime.”
The FBI says the North Korean hackers utilized massive spearphishing campaigns sent to employees working for crypto firms. Typically the cyber actors would target software developers, IT operators, and Devops employees. The tactic is called “TraderTraitor” and it often mimics “a recruitment effort and offer high-paying jobs to entice the recipients to download malware-laced cryptocurrency applications.” The FBI concludes that organizations should report anomalous activity and incidents to the CISA 24/7 Operations Center or visit a local FBI field office. Tags in this story advanced persistent threat, axie infinity, CISA, CSA report, defi exploits, ethereum address, ethereum addresses, Ethereum wallet, FBI, FBI report, Financial Institutions, Guardians of Peace, Hacker Group, Hacker Syndicate, Hackers, Hidden Cobra, Kim Jong-un, Law Enforcement, Lazarus Group, north korea, OFAC, Potonggang District, pyongyang, ransomware, Sanctions, Treasury, U.S. authorities, united nations, United States, US Persons, US Treasury
What do you think about the FBI’s claims about North Korean state-sponsored cyber attackers? Let us know what you think about the FBI’s latest report in the comments section below. Jamie Redman
Jamie Redman is the News Lead at Bitcoin.com News and a financial tech journalist living in Florida. Redman has been an active member of the cryptocurrency community since 2011. He has a passion for Bitcoin, open-source code, and decentralized applications. Since September 2015, Redman has written more than 5,000 articles for Bitcoin.com News about the disruptive protocols emerging today. Jack Dorsey Claims if "You’re Building on Ethereum You Have at Least One, if Not Many, Single Points of Failure" NEWS | 2 hours ago Privacy-Centric Monero Plans for July Hard Fork, Plans Include Ring Signature, Bulletproof Upgrade NEWS | 4 hours ago
Image Credits: Shutterstock, Pixabay, Wiki Commons Previous articleInterest in Real Estate Investments in Spain Grew 400%, With Some Using Crypto and Stocks as Payment Method Next articleBitcoin, Ethereum Technical Analysis: BTC Back Above $41,000 as Crypto Bulls Return Disclaimer: This article is for informational purposes only. It is not a direct offer or solicitation of an offer to buy or sell, or a recommendation or endorsement of any products, services, or companies. Bitcoin.com does not provide investment, tax, legal, or accounting advice. Neither the company nor the author is responsible, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any content, goods or services mentioned in this article. Read disclaimerShow comments More Popular NewsIn Case You Missed ItRipple CEO: SEC Lawsuit Over XRP "Has Gone Exceedingly Well"
The CEO of Ripple Labs says that the lawsuit brought by the U.S. Securities and Exchange Commission (SEC) against him and his company over XRP "has gone exceedingly well." He stressed: "This case is important, not just for Ripple, it’s ... read more.Central Bank of Brazil Confirms It Will Run a Pilot Test for Its CBDC This Year Tony Hawk"s Latest NFTs to Come With Signed Physical Skateboards Draft Law Regulating Aspects of Crypto Taxation Submitted to Russian Parliament Goldman Predicts US Recession Odds at 35% in 2 Years, John Mauldin Wouldn"t Be Surprised if Stocks Fell 40%