North Korean Crypto Hackers Are Targeting ETF Companies for Scam

Key Points:

  • The FBI has warned that North Korean crypto hackers are targeting employees and decentralized finance sectors to steal funds.
  • These hackers conduct extensive research on their victims, especially those related to cryptocurrency ETFs.
The U.S. Federal Bureau of Investigation has issued a warning that North Korean crypto hackers have become highly aggressive in their targets, going after employees now even within the cryptocurrency and DeFi sectors.
North Korean Crypto Hackers Are Targeting ETF Companies for Scam

Read more: North Korean Hackers Face UN Scrutiny Over $3 Billion Cyberattacks

FBI Warns of North Korean Crypto Hackers

State-sponsored cyber actors use sophisticated social engineering to steal money and disrupt networks associated with virtual currency.

The FBI said North Korean crypto hackers are currently conducting reconnaissance in search of potential targets. Apparently, this is focused on organizations that have some sort of involvement with cryptocurrency exchange-traded funds or other crypto-related financial products.

These cyber actors have been known to use social media platforms, including those used for professional networking, to obtain personal data and construct an elaborate scheme with the intent of persuading an employee to take some action. Common methods include offering a job or other investment opportunities in order to distract victims into revealing sensitive information or installing the malicious software.

FBI Urges Adoption of Cybersecurity Measures to Secure Crypto Assets

The FBI cited several indicators of North Korean crypto social engineering activity in the recent alert, besides recommending mitigation strategies. These include increasing cybersecurity training among employees for recognizing phishing and suspicious communications.

Companies are advised not to store any information related to cryptocurrency wallets on devices that may be connected to the internet, and also to make use of secure identity verification via separate communication channels.

In doing so, the FBI emphasized that companies, especially those with large cryptocurrency holding positions, need to be cautious against such sophisticated threats. Even firms with good cybersecurity cannot be exempt because North Korean crypto hackers use very advanced techniques.

The alert comes hot on the heels of a report about North Korean crypto hackers leveraging a zero-day in Chromium’s V8 JavaScript engine to target cryptocurrency players, using malware such as the AppleJeus trojan in order to siphon off digital assets from compromised systems.