The US Federal Bureau of Investigation (FBI) has released a document alerting the public to “aggressive” attacks by North Korean hackers against the crypto industry and companies associated with digital asset investment products.
According to the report, these attacks mainly consist of sophisticated social engineering tactics that even crypto employees and market participants well-versed in cybersecurity practices could fall victim to.
N. Korean hackers target crypto companies
These social engineering attacks are often complex, elaborate and difficult to detect. Hackers have conducted research on several targets active in or connected to the crypto industry. The FBI observed pre-operational preparations that suggest these bad actors may attempt malicious cyber activities against these companies through their employees.
“For companies active in or associated with the cryptocurrency industry, the FBI highlights that North Korea uses sophisticated tactics to steal cryptocurrency funds and is a persistent threat to organizations with access to large amounts of assets or related products with cryptocurrency,” the US agency said.
Before these North Korean hacker groups try to gain unauthorized access to company networks and devices through employees, they look for their potential victims on social networks, especially professional networking and IT employment-related platforms.
Hackers incorporate the target’s personal data regarding their background, occupation, or business interests to create personalized fictitious scenarios, such as new job offers or corporate investment. They ensure that these scenarios are uniquely attractive to the targeted individuals.
Impersonators and “normal” requests
Once bad actors initiate contact with targets, they strive to maintain a relationship to build familiarity, trust, and a sense of legitimacy. They then attack when victims are unsuspecting or in seemingly natural situations by delivering malware to their devices or company networks.
Some seemingly natural situations include requests to enable video calling functionality allegedly blocked due to the victim’s location, requests to download applications or run code on company devices or networks, requests to conduct pre-employment tests and debugging exercises, and insistence on using custom software for simple tasks.
These attackers also impersonate high-profile individuals, tech experts, and recruiters on professional networking websites.
“To increase the credibility of their impersonations, actors leverage realistic images, including images stolen from the impersonated person’s open social media profiles. These actors may also use fake images of time-sensitive events to induce immediate action by the expected casualties,” the agency added.
The FBI has instructed crypto companies to remain vigilant and affected entities to take appropriate steps to address issues before they cause significant damage.