FBI Reveals: North Korea Actively Targeting Cryptocurrency Industry, Using Social Engineering to Target Employees of Crypto Companies
According to an official statement by the Federal Bureau of Investigation (FBI) on September 3, North Korea has recently been conducting specially designed and difficult-to-detect social engineering attacks targeting decentralized finance (DeFi), cryptocurrency, and employees of related enterprises, attempting to spread malicious software and steal the companies' cryptocurrency assets.
Table of Contents
FBI: North Korea Targeting Cryptocurrency ETF-Related Companies with Social Engineering
The FBI has revealed that in the past few months, North Korean hackers have been targeting several companies related to cryptocurrency ETFs, and may launch malicious attacks on companies dealing with cryptocurrency ETFs or other cryptocurrency-related financial products in the future.
North Korean hackers identify specific DeFi or cryptocurrency-related companies, conduct in-depth research on victims by reviewing social media activities, especially on professional networks or job platforms, before engaging with the target.
Social Engineering Attacks Use These Tactics
Requesting execution of code or downloading applications on company devices or devices connected to internal networks.
Requesting "job tests" or exercises that may involve executing non-standard or unknown code like Node.js, PyPI, GitHub source code, etc.
Unexpectedly offering high-paying job opportunities from well-known cryptocurrency or tech companies without negotiation.
Unexpected investment proposals from well-known companies.
Insisting on using non-standard or custom software for simple tasks (video conferences, connecting to servers).
Executing scripts to bypass regional restrictions, enabling calls or video conferences.
Requesting to move conversations to other communication platforms.
Unsolicited contacts containing unexpected links or attachments.
FBI Offers Countermeasures Against Social Engineering Attacks
If devices are compromised, keep them powered on and immediately disconnect from the network to prevent loss of recoverable malicious software files.
Submit detailed complaints through the FBI Internet Crime Complaint Center (IC3) at www.ic3.gov.
Provide law enforcement with detailed information about the incident, including screenshots of conversations with the attackers and relevant data.
Discuss evidence collection and response measures with law enforcement, and consider assistance from cybersecurity companies if necessary.
Share experiences with colleagues and friends in a timely manner to raise awareness and increase information on North Korean cyber attacks.
North Korea's attacks on the cryptocurrency industry have entered a sophisticated and hard-to-detect stage. Whether as a company or an individual, no matter how rich one's knowledge of cybersecurity is, they could become a target. Be cautious about what you share on social media, and make good use of privacy settings. If you feel suspicious during interactions, stay calm and think twice before taking action.
Related
- Dark web hackers selling 10 million pieces of Binance user data, Binance refutes: Completely false
- Token 2049 | Celebrity Endorsements of Cryptocurrencies Drive Frenzy, Market Marketing is One of the Scam Tactics
- Hong Kong Crackdown on Cryptocurrency Crime: 14-Year-Old Uses Counterfeit Money to Scam Cryptocurrency, Nets $1.4 Million