North Korea’s Lazarus Behind Years Of Crypto Hacks In Japan
Lazarus, a North Korean hacking gang, has been identified by Japan’s national police as the group responsible for several years’ worth of cyberattacks including cryptography.
The National Police Agency (NPA) and Financial Services Agency (FSA) of Japan issued a public advisory statement on October 14 encouraging the nation’s crypto-asset enterprises to be cautious of “phishing” assaults by the hacking gang intended to steal crypto assets.
According to local accounts, this is the seventh time in history that the government has issued a “public attribution” advising statement.
According to the statement, the hacker gang employs social engineering to plan phishing attacks, posing as leaders of a target business to try to trick staff into clicking on harmful links or attachments:
“This cyber attack group sends phishing emails to employees impersonating executives of the target company […] through social networking sites with false accounts, pretending to conduct business transactions […] The cyber-attack group [then] uses the malware as a foothold to gain access to the victim’s network.”
North Korean hackers
The NPA and FSA urged targeted organizations to retain their “private keys in an offline environment” and to “not open email attachments or hyperlinks carelessly,” since phishing has reportedly been a prevalent method of attack employed by North Korean hackers.
Specifically for applications using cryptographic assets, the statement continued, people and companies should “not obtain files from sources other than those whose authenticity can be verified.”
The NPA further recommended that owners of digital assets “install security software,” “use multi-factor authentication,” and refrain from using the same password across several devices or services.
The NPA acknowledged that several of these attacks targeting Japanese-based digital asset companies were effective but withheld any further information.
The North Korean government-run foreign intelligence organization Reconnaissance General Bureau is said to be connected to Lazarus Group.
The Yomiuri Shimbun was informed by Katsuyuki Okamoto of the international IT company Trend Micro that “Lazarus initially targeted banks in various nations, but it has recently been targeting at crypto assets that are managed more loosely.”
They were named as suspects in the $100 million layer-1 blockchain Harmony assault and are suspected of being the hackers behind the $650 million Ronin Bridge breach in March.
DISCLAIMER: The Information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.
Join us to keep track of news: https://linktr.ee/coincu
Website: coincu.com
Annie
CoinCu News