The US government has accused North Korean hackers of attacking US technology companies to steal digital assets.
The US Department of the Treasury, together with the FBI and the Cybersecurity and Infrastructure Security Agency (CISA), issued a cybersecurity advisory warning of North Korean hack attacks on the blockchain and cryptocurrency industry. The recommendations say that the US government has long watched as North Korean cybercriminals prey on organizations working in the field of new technologies.
The document talks about the specific targets of the attacks: decentralized finance (DeFi) protocols, crypto exchanges, venture capital funds and individual holders of digital assets such as cryptocurrencies and NFTs. Experts suggest several ways to mitigate or prevent such attacks.
The attackers are state-sponsored and use tactics similar to the Lazarus Group, a well-known North Korean hacking organization, the authors of the recommendations warn. Hackers download malware into victims’ apps to make it easier to steal assets.
The attackers, experts at the Ministry of Finance warn, use the TraiderTraitor strategy, in which intrusions into the infrastructure of companies begin with phishing messages to employees of these companies, often those who directly work in IT. More often than not, the messages tell employees to click on a link to view a job offer with a much higher income than the victim receives. Criminals, according to American experts, use almost the entire range of tactics and methods to penetrate the networks of interest to them.
Recall that in February, the UN released a report in which it said that North Korea has accelerated the development of nuclear missiles, and digital currencies have become the main source of funding.
