The United States Federal Bureau of Investigation (FBI) has released a document alerting the public to “aggressive” attacks by North Korean hackers against the crypto industry and companies associated with digital asset investment products.
According to the report, these attacks mainly consist of sophisticated social engineering tactics that even cryptocurrency industry employees and market participants well-informed about cybersecurity practices could fall victim to.
North Korean hackers target cryptocurrency firms
These social engineering attacks are often complex, sophisticated, and difficult to detect. The attackers conducted research on several targets active in or connected to the cryptocurrency industry. The FBI observed pre-operational preparations that suggested these threat actors may attempt malicious cyber activities against these companies through their employees.
“For companies active in or associated with the cryptocurrency industry, the FBI emphasizes that North Korea employs sophisticated tactics to steal cryptocurrency funds and poses a persistent threat to organizations with access to large amounts of cryptocurrency-related assets or products,” the U.S. agency said.
Before these North Korean hacking groups attempt to gain unauthorized access to corporate networks and devices through employees, they seek out potential victims on social media, particularly professional and job-related networking platforms.
Hackers incorporate personal information about the target's background, employment, or professional interests to create personalized fictional scenarios, such as job offers or corporate investment opportunities. They ensure that these scenarios are particularly attractive to the targeted individuals.
Identity Thieves and “Normal” Requests
Once malicious actors make contact with their targets, they work to maintain rapport to create familiarity, trust, and a sense of legitimacy. They then deliver malware to the devices or corporate networks of unsuspecting victims, in situations that appear natural.
Some seemingly natural situations include requests to enable video calling features that are supposedly blocked due to the victim’s location, requests to download applications or execute code on corporate devices or networks, requests to perform pre-employment testing and debugging exercises, and insistence on using custom software for simple tasks.
These attackers also pose as high-profile individuals, technology experts, and recruiters on professional networking sites.
“To increase the credibility of their impersonations, the actors use realistic images, including photos stolen from the impersonated individuals’ open social media profiles. These actors may also use fake images of urgent events to prompt the intended victims to take immediate action,” the agency added.
The FBI urged cryptocurrency businesses to remain vigilant and affected entities to take appropriate steps to address issues before they cause significant harm.