FBI Warns Crypto Industry of New Threats from North Korea

by Giorgi Kostiuk

a year ago

Introduction
North Korea's Attack Methods
Protection Recommendations

On September 3, the Federal Bureau of Investigation (FBI) issued a warning about North Korea’s increasingly aggressive targeting of the crypto industry. The agency detailed how North Korean actors are conducting sophisticated social engineering campaigns, particularly against employees of crypto-related businesses, including DeFi applications.

Introduction

In recent months, North Korean actors have been focusing on crypto exchange-traded funds (ETFs), indicating potential future attacks on companies linked to crypto ETFs or other related financial products. The report described the North Korean tactics as “complex and elaborate,” emphasizing that the goal is to deceive employees through social engineering and then deploy malware to steal cryptocurrency.

North Korea's Attack Methods

The FBI warned companies in the cryptocurrency sector that North Korea’s advanced tactics make them a significant threat to organizations managing large quantities of crypto assets. The report also cautioned that even individuals with strong cybersecurity knowledge can fall victim to these persistent efforts to compromise networks. A report by Recorded Future, published on November 30, 2023, estimated that North Korea’s Lazarus Group has stolen $3 billion in cryptocurrency between 2017 and 2023, highlighting the effectiveness of their methods.

The FBI advises victims of suspected North Korean cyber activities to immediately disconnect affected devices and report the incident through the Internet Crime Complaint Center.Federal Bureau of Investigation

Protection Recommendations

The FBI outlined several common tactics used by North Korean actors, including extensive pre-operational research, the creation of personalized fake scenarios, and impersonation of legitimate entities or individuals. These attacks often target dozens of employees, with fake scenarios frequently involving job offers or corporate investments, using personal information to build trust. To reduce the risk of such attacks, the FBI recommends implementing unique identity verification methods, avoiding the storage of crypto wallet information on internet-connected devices, and using multi-factor authentication for financial transactions.

The FBI emphasizes that companies and individuals should remain vigilant and take steps to protect against potential attacks. Organizations managing crypto assets should be aware of the sophisticated tactics used by North Korean attackers and implement the recommended security protocols.

Other news

eHailing Drivers Protest Bolt's New Wait and Save Option

eHailing drivers in Benin City protest against Bolt's new Wait and Save ride option, claiming it undermines their earnings and well-being.

Jacob Williams4 minutes ago

Financial Markets Show Resilience Amid SEC Operational Limitations

Financial markets have shown limited volatility following the SEC's announcement of reduced operations due to the government shutdown.

Son Min-ho4 minutes ago

SEC to Operate with Minimal Staff Amid Government Shutdown

The SEC will operate with minimal staff starting January 31, 2026, due to funding issues and a partial government shutdown, potentially delaying regulatory processes.