North Korean hackers intensify attacks on crypto sector, FBI warns
The US Federal Bureau of Investigation (FBI) has warned crypto investors about the growing threat of sophisticated North Korean hackers. According to the agency, the aim of these cybercriminals is to steal large crypto reserves from companies that offer services related to digital assets. These hacking attacks are described as highly tailored social engineering campaigns that are difficult to detect. The agency had issued a similar warning in March, when it noted an increase in crypto investment fraud.
The threat of North Korean crypto hackers is persistent across all companies operating in the verticals of virtual digital assets, decentralized finance (DeFi), and crypto-related exchange traded funds (ETFs). “Before initiating contact, actors scout potential victims by monitoring social media activity, particularly on professional networks or work-related platforms,” the FBI said. According to the agency, the hackers use tactics such as convincing impersonation, creating fake scenarios and conducting pre-operational research before mapping out how to carry out the hacks.
The FBI has listed a number of ways that crypto-related businesses can protect their platforms from North Korean hackers. These include creating personal, unique authentication mechanisms, which can filter out suspicious contacts.
“Do not store cryptocurrency wallet information — logins, passwords, wallet IDs, seed phrases, private keys, etc. — on internet-connected devices. Avoid conducting pre-employment testing or running code on company-owned laptops or devices,” the FBI warns.
The FBI also cites security measures that Web3 companies can incorporate into their business operations: enabling multi-factor authentication (MFA), performing regular security audits, restricting access to internal network documentation and channeling business communications.
“If you suspect that you or your company has been affected by a social engineering campaign, immediately disconnect the affected device(s) from the internet. Leave the affected devices powered on to avoid losing access to recoverable malware artifacts,” the law enforcement agency added. It also suggested reporting such suspicions immediately.
Interestingly, this FBI announcement comes on the heels of a major breach at Indian exchange WazirX last month, which was reportedly carried out by the notorious Lazarus Group of North Korean hackers. The attack led to the theft of $230 million (approximately Rs. 1,900 crore) of WazirX reserves.
In a recent conversation with Gadgets 360, WazirX co-founder Nischal Shetty said, “Most researchers in the research community say the pattern matches the Lazarus group. We have, let’s say, one of the top researchers in the industry who says the pattern matches exactly. We have some credible information that, you know, that’s a possibility.”