Lazarus Hacker Group Attacks Local Japanese Crypto Companies With Malware to Steal Cryptocurrencies

The hacking group uses social engineering to orchestrate phishing attacks on local Japanese crypto firms.

Written by Shomik Sen Bhattacharjee, Edited by David Delima | Updated: 18 October 2022 12:42 IST

Highlights

Lazarus reached out to employees through social networking sites
Phishing involves a malware-infected link being sent to a victim
Lazarus has been accused of a number of recent hacks

Lazarus Hacker Group Attacks Local Japanese Crypto Companies With Malware to Steal Cryptocurrencies

NPA and FSA are asking Japanese crypto businesses to stay alert for possible “phishing” attacks

Photo Credit: Unsplash/ Towfiqu barbhuiya

Lazarus, the North Korea-backed hacker group, has been sending phishing emails to Japanese crypto exchange employees to infect their computers with malware, causing some companies to have their systems hacked and cryptocurrencies stolen, Japan's National Police Agency announced last week. The police also said Lazarus had reached out to employees through social networking sites to persuade them to download the malware. Japanese police warned that the cyberattack group sends phishing emails to employees of a crypto firm, pretending to be an executive of the company.

In the public advisory statement issued on October 14, Japan's National Police Agency (NPA) and Financial Services Agency (FSA) sent a warning to the country's crypto-asset businesses. They urged them to stay vigilant of “phishing” attacks by the hacking group aimed at stealing crypto assets.

The statement reveals that phishing emails pretending to conduct business transactions contain malware and target it through social networking sites with false accounts. The cyber-attack group then uses the malware as a foothold to gain access to the victim's network to steal crypto assets.

Tether Has Cut Commercial Paper Exposure From Reserves

As per the statement, phishing has been a common mode of attack used by North Korean hackers. The NPA and FSA have urged targeted companies to keep their "private keys in an offline environment" and to "not open email attachments or hyperlinks carelessly."

The statement also added that individuals and businesses should not download files from unknown sources. They should only download from sources whose authenticity can be verified, especially for applications related to cryptographic assets.

The NPA also suggested that digital asset holders "install security software" and strengthen identity authentication mechanisms by "implementing multi-factor authentication." They also suggested account holders not use the same password for multiple devices or services.

India to Work on Global Crypto Rules During Upcoming G20 Presidency

The NPA confirmed that several of these attacks have been successfully carried out against Japanese-based digital asset firms. However, they haven't disclosed any specific details.

The Lazarus group have been accused of being the hackers behind the $650 million (roughly Rs. 5,355 crore) Ronin Bridge exploit in March, and were identified as suspects in the $100 million (roughly Rs. 824 crore) attack from layer-1 blockchain Harmony.

Is the Realme Pad the best budget tablet you can purchase under Rs. 20,000? We discuss this on Orbital, the Gadgets 360 podcast. Orbital is available on Spotify, Gaana, JioSaavn, Google Podcasts, Apple Podcasts, Amazon Music and wherever you get your podcasts.

Affiliate links may be automatically generated - see our ethics statement for details.

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.