News

North Korea hits crypto industry with social engineering attacks

Friday 6 September 2024 13:49 CET | News

The FBI has announced that the Democratic People's Republic of Korea is engaging in social engineering campaigns targeting employees in the DeFi and cryptocurrency sectors.

 

The FBI has announced that the Democratic People's Republic of Korea is engaging in social engineering campaigns targeting employees in the DeFi and cryptocurrency sectors. These operations are designed to distribute malware and steal digital assets from companies. 

North Korean cyber actors have developed complex social engineering schemes that are difficult to detect. Their methods are advanced enough to compromise individuals with strong technical backgrounds. Despite an awareness of cybersecurity practices, many in the cryptocurrency industry remain vulnerable to these persistent and targeted attacks according to the FBI. 

In recent months, North Korean cyber actors have conducted extensive research on entities connected to cryptocurrency exchange-traded funds (ETFs). This research has raised concerns that the country may be preparing for cyberattacks on firms dealing with ETFs and other financial products related to cryptocurrency. 

The FBI has identified North Korea as a consistent threat to organisations handling substantial cryptocurrency assets. The country employs a range of advanced tactics to infiltrate networks and steal funds.

 

The FBI has announced that the Democratic People's Republic of Korea is engaging in social engineering campaigns targeting employees in the DeFi and cryptocurrency sectors.

 

Social engineering techniques used by North Korean actors 

North Korean cyber teams focus on identifying specific DeFi and cryptocurrency-related companies. They target multiple employees within these firms, aiming to gain unauthorised access to company networks. Prior to making contact, they often gather intelligence from social media platforms, particularly those used for professional networking. 

These actors craft individualised fictional scenarios, incorporating personal details about the target’s career or business interests. Common strategies include offering new employment opportunities or investment deals. The attackers often reference information that only a few people are likely to know, creating a sense of legitimacy. 

Once initial contact is established, the attackers attempt to build a rapport with the victim. This relationship may last for an extended period, as the goal is to eventually deliver malware in a way that appears natural. The attackers often communicate fluently in English and display a high level of understanding of cryptocurrency-related topics.

Impersonation techniques

North Korean cyber actors are known to impersonate a variety of individuals, including professional contacts the target may recognise. They use stolen images from social media profiles and sometimes fabricate time-sensitive events to pressure their targets into quick action. 

They may also impersonate recruitment firms or technology companies, relying on fake websites to enhance their credibility. There are documented cases of North Korean domains being seized due to their involvement in these malicious activities.

If a company suspects it has been targeted by a North Korean social engineering campaign, the FBI recommends immediately disconnecting affected devices from the internet but leaving them powered on to preserve evidence. They advise reporting the incident to the FBI’s Internet Crime Complaint Center and providing detailed information, including any screenshots of communications with the attackers.


Source: Link


Free Headlines in your E-mail

Every day we send out a free e-mail with the most important headlines of the last 24 hours.

Subscribe now

Keywords: fraud prevention, social engineering, cryptocurrency, DeFi, cybersecurity
Categories: Fraud & Financial Crime
Companies: FBI
Countries: Korea, Democratic People's Republic of
This article is part of category

Fraud & Financial Crime

FBI

|
Discover all the Company news on FBI and other articles related to FBI in The Paypers News, Reports, and insights on the payments and fintech industry: