FBI Warns Crypto Industry of New Threats from North Korea

by Giorgi Kostiuk

2 years ago

Introduction
North Korea's Attack Methods
Protection Recommendations

On September 3, the Federal Bureau of Investigation (FBI) issued a warning about North Korea’s increasingly aggressive targeting of the crypto industry. The agency detailed how North Korean actors are conducting sophisticated social engineering campaigns, particularly against employees of crypto-related businesses, including DeFi applications.

Introduction

In recent months, North Korean actors have been focusing on crypto exchange-traded funds (ETFs), indicating potential future attacks on companies linked to crypto ETFs or other related financial products. The report described the North Korean tactics as “complex and elaborate,” emphasizing that the goal is to deceive employees through social engineering and then deploy malware to steal cryptocurrency.

North Korea's Attack Methods

The FBI warned companies in the cryptocurrency sector that North Korea’s advanced tactics make them a significant threat to organizations managing large quantities of crypto assets. The report also cautioned that even individuals with strong cybersecurity knowledge can fall victim to these persistent efforts to compromise networks. A report by Recorded Future, published on November 30, 2023, estimated that North Korea’s Lazarus Group has stolen $3 billion in cryptocurrency between 2017 and 2023, highlighting the effectiveness of their methods.

The FBI advises victims of suspected North Korean cyber activities to immediately disconnect affected devices and report the incident through the Internet Crime Complaint Center.Federal Bureau of Investigation

Protection Recommendations

The FBI outlined several common tactics used by North Korean actors, including extensive pre-operational research, the creation of personalized fake scenarios, and impersonation of legitimate entities or individuals. These attacks often target dozens of employees, with fake scenarios frequently involving job offers or corporate investments, using personal information to build trust. To reduce the risk of such attacks, the FBI recommends implementing unique identity verification methods, avoiding the storage of crypto wallet information on internet-connected devices, and using multi-factor authentication for financial transactions.

The FBI emphasizes that companies and individuals should remain vigilant and take steps to protect against potential attacks. Organizations managing crypto assets should be aware of the sophisticated tactics used by North Korean attackers and implement the recommended security protocols.

Other news

Standard Chartered Implements Strict Editorial Policy for Market Commentary

Standard Chartered has announced a strict editorial policy that emphasizes accuracy, relevance, and impartiality in its market commentary.

Rajesh Kumar3 hours ago

SpaceX Pre-IPO Tokenized Offerings Canceled Due to Allocation Issues

Several crypto platforms canceled SpaceX pre-IPO tokenized offerings due to failed share allocation, leading to refunds for customers.

Miguel Rodriguez4 hours ago

Arbitrum Governance Proposes Major Funding for Foundation

Arbitrum governance is evaluating a funding proposal for the Arbitrum Foundation, seeking 16 million in real-world assets, 1,700 ETH, and 230 million ARB tokens to support its operations for another year.