North Korean Hackers Intensifying Attacks on Crypto Sector, FBI Warns

North Korean crypto hackers can affect several crypto sectors including virtual digital assets, decentralised finance (DeFi), and crypto ETFs.

Written by Radhika Parashar, Edited by David Delima | Updated: 5 September 2024 18:00 IST

North Korean Hackers Intensifying Attacks on Crypto Sector, FBI Warns

Photo Credit: Pexels/ Sora Shimazaki

The FBI has listed measures that crypto firms can take to increase safety of their platforms

Highlights

North Korean hackers are using more sophisticated crypto attacks
Detailed pre-operation research lets them execute silent attacks
DeFi, crypto ETF firms can also be affected by these hackers

The US Federal Bureau of Investigation (FBI) has warned crypto investors about the increasing danger posed by sophisticated North Korean hackers. The aim of these cybercriminals, according to the US investigative agency, is to steal hefty crypto reserves from firms that are operating services related to digital assets. These hack attacks have been described as highly tailored social engineering campaigns that are tough to detect. The agency had issued a similar warning in March, when it observed a rise in crypto investment scams.

The danger of North Korean crypto hackers is persistent across all firms operating across the verticals of virtual digital assets, decentralised finance (DeFi), and crypto-related exchange traded funds (ETFs). “Before initiating contact, the actors scout prospective victims by reviewing social media activity, particularly on professional networking or employment-related platforms,” the FBI said, adding that hackers are using tactics like convincing impersonation tricks, creating fake scenarios, and conducting pre-operational research before chalking out roadmaps to deploying the hacks.

The FBI has listed a number of ways, that crypto-related companies can keep their platforms safe from North Korean hackers. These include the creation of personal, unique mechanisms of verification – that could filter out suspicious contactors.

India’s IT Ministry Launches an Array of Blockchain Stacks: All Details

“Do not store information about cryptocurrency wallets — logins, passwords, wallet IDs, seed phrases, private keys, etc. — on Internet-connected devices. Avoid taking pre-employment tests or executing code on company owned laptops or devices,” the FBI warns.

Enabling multi-factor authentication (MFA), establishing regular rotations of security checks, limiting access to internal network-related documentation, and funnelling business-related communication have also been listed by the FBI as safety measures that Web3 firms are incorporate in their operations.

“If you suspect you or your company have been impacted by a social engineering campaign, disconnect the impacted device or devices from the Internet immediately. Leave impacted devices powered on to avoid the possibility of losing access to recoverable malware artifacts,” the law enforcement agency added, also suggesting immediate reporting of such suspicions.

Japan’s Financial Regulator May Cut Crypto Tax in FY 2025: Details

Interestingly, this announcement from the FBI follows a major breach of Indian exchange WazirX last month, which was reportedly executed by North Korea's infamous Lazarus Group of hackers. The attack led to the theft of $230 million (roughly Rs. 1,900 crore) from WazirX reserves.

In a recent conversation with Gadgets 360, WazirX co-founder Nischal Shetty said, “most of the research community says that the pattern matches with Lazarus group. We've got, like, one of the best researchers in the industry, saying that the pattern exactly matches. We got some credible information that, you know, that's a possibility.”

Comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Further reading: Cryptocurrency, FBI, North Korean Crypto Hackers

Radhika Parashar

Email Radhika

Radhika Parashar is a senior correspondent for Gadgets 360. She has been reporting on tech and telecom for the last three years now and will be focussing on writing about all things crypto. Besides this, she is a major sitcom nerd and often replies in Chandler Bing and Michael Scott references. For tips or queries you could reach out to her at RadhikaP@ndtv.com. More