U.S Issues Warning on North Korean State-Sponsored Crypto Attacks

The U.S Treasury Department, FBI, Cyber Security, and Infrastructure Security Agency (CISA) have co-authored a report, issuing a cybersecurity warning on North Korean state-sponsored efforts aiming at the blockchain and cryptocurrency industry.

“The U.S. government has observed North Korean cyber actors targeting a variety of organizations in the blockchain technology and cryptocurrency industry,” the report reads.

The report cites exchanges, decentralized finance (DeFi) protocols, venture capital funds, and individual holders of large amounts of crypto-related assets such as tokens or non-fungible tokens (NFTs), as the primary targets for these attacks.

The advisory also includes several ways one could use to avoid these illicit activities.

In the report, the U.S government pinpoints a group of state-sponsored hackers utilizing similar tactics to the infamous Lazarus Group, who ironically are also based out of North Korea.

One of the tactics laid out was uploading malware software to a victim's computer to easily gain access to their crypto holdings.

“As of April 2022, North Korea’s Lazarus Group actors have targeted various firms, entities, and exchanges in the blockchain and cryptocurrency industry using spearfishing campaigns and malware to steal cryptocurrency,” the report reads.

The warning also goes on to mention a strategy called “TraderTraitor,” in which messages are strategically sent to employees of certain crypto companies, often these individuals work in IT or software development departments.

The messages are usually made to look like recruiting letters, promising high-paying jobs to lure their victims into downloading the software.

This is not the first (nor probably the last) time North Korea has been connected to malicious crypto activity.

In 2021, the blockchain analytics platform, Chainalysis, found that North Korean hackers had managed to steal up to $400 million in Bitcoin and Ethereum

Last year, the United Nations also released a report that found North Korea’s nuclear and ballistic missile programs were surprisingly partly funded by cryptocurrencies.

Just last week, the U.S treasury connected North Koren hackers to the $622 million stolen from the popular cryptocurrency videogame, Axie Infinity.

As crypto continues to rise, so do the stories of malicious hacks. Sadly this is a bug, not a feature of the technology, and is up to the communities, as well as individuals to become educated and informed on how to avoid these attacks.