The North Korean hacker group Famous Chollima has launched a new attack scheme targeting crypto experts via fake job offers. The attacks are organized using malware to steal user data.
Methods of Attack and Emerging Threats
Famous Chollima hackers create fake job portals and offer technical interviews where users input their personal information. The malware known as PylangGhost is capable of stealing credentials from over 80 browser extensions, including password managers and crypto wallets like Metamask and 1Password. The sites masqueraded as well-known companies, such as Coinbase and Uniswap, aiding the success of the attacks.
Advice for Preventing Fraud
Cybersecurity expert Dileep Kumar H V recommends conducting cybersecurity audits for blockchain companies and monitoring fake job portals. He also calls for improved global coordination against cybercrime and the promotion of informative campaigns to raise digital awareness.
North Korea's Role in Cybercrime
North Korea has become notorious for its cybercriminal schemes. Recently, groups linked to North Korea have stolen at least $659 million through multiple cyberattacks. The involvement of IT specialists in such schemes indicates that cybercrime is an essential element of financing the regime’s arms programs.
Fake job interviews and cyberattacks by North Korean hackers highlight the need for increased attention to cybersecurity, especially in the cryptocurrency space. Ensuring data protection and informing the public about potential threats are becoming increasingly important.
