North Korean Hackers Pose as Venture Capitalists to Steal Cryptocurrency
30 December 2022
• North Korean hackers are pretending to be venture capitalists to steal from cryptocurrency startups.
• BlueNoroff, the name given to a crew associated with the North Korean government-funded hacking operation Lazarus Group, has expanded its target list.
• Kaspersky Lab discovered that the Lazarus-affiliated hacker group is deploying malware to attack businesses in the Blockchain, DeFi, and FinTech industries.
In recent years, North Korean hackers have become increasingly active in their attempts to target cryptocurrency startups. According to a report by cybersecurity firm Kaspersky Lab, a crew associated with the North Korean government-funded hacking operation Lazarus Group has expanded its target list to include venture capital firms, cryptocurrency startups, and banks.
The crew, named BlueNoroff by cybersecurity experts, has reportedly stolen millions of dollars in cryptocurrencies by building more than 70 phony domains and mimicking financial firms and venture capital businesses. Kaspersky also found that BlueNoroff is experimenting with new file types and delivery techniques for its malware.
The Lazarus Group is a cybercrime organization composed of an undetermined number of North Korean-supervised cybercriminals. Experts say it was responsible for a large number of cyberattacks between 2010 and 2021. As a result of Kaspersky’s investigation into the infrastructure utilized by this gang, the cybersecurity firm uncovered more than 70 domains.
In addition, the hackers are utilizing malware to attack businesses in the Blockchain, DeFi, and FinTech industries. Kaspersky noted that BlueNoroff’s operations increased after a pause for much of the year.
The cybercrime activities of North Korean hackers have become a major concern for the cryptocurrency industry. The hackers have been found to use increasingly sophisticated tactics to target cryptocurrency-related organizations, and the recent revelation that BlueNoroff is posing as venture capitalists is a worrying example of the techniques they use to deceive their targets.
It is clear that North Korean hackers are becoming increasingly bold in their attempts to target the cryptocurrency industry. Organizations in the space must remain vigilant and take all necessary measures to protect themselves from such threats. This includes utilizing strong cybersecurity measures, such as two-factor authentication, and regularly monitoring their networks for any suspicious activity.