The United States, Japan, and South Korea have jointly warned the global blockchain industry about the increasing cyber threats posed by North Korean hackers.
Joint Statement on Cyber Threats
In a joint statement released on January 14, the nations emphasized the risks posed by groups like the notorious Lazarus Group, which are targeting cryptocurrency exchanges and investors to fund North Korea’s operations. Hackers used advanced social engineering and malware to infiltrate systems, prompting blockchain companies to be cautious when hiring IT workers to avoid links to North Korea.
Cyber Attacks and Threats in 2024
In 2024, North Korean cyber actors were involved in significant thefts, including a $308 million heist from Japan’s DMM Bitcoin exchange, carried out by the North Korean hacking group TraderTraitor. According to the U.S. FBI, the breach began when a hacker posed as a LinkedIn recruiter and sent a malicious Python script disguised as a pre-employment test to an employee at Ginco, a wallet management service provider for DMM Bitcoin. Executing the script provided access to Ginco’s systems, resulting in the massive theft.
Attacks on Upbit and Connections to North Korea
South Korean authorities confirmed that North Korean hacker groups Lazarus and Andariel were behind the 2019 Upbit cryptocurrency hack, which resulted in the theft of 342,000 Ethereum (ETH). Originally valued at 58 billion won, the stolen Ethereum has since surged to 1.47 trillion won due to rising crypto prices.
The joint efforts of the U.S., Japan, and South Korea aim to warn the global community of the need for measures to protect against cyber threats from North Korean hackers.
