Cryptocurrency firms have been warned by the FBI regarding increasingly sophisticated, stealthy, and prevalent social engineering attacks by North Korean hacking operations aimed at exfiltrating cryptocurrency assets, according to BleepingComputer.
After identifying cryptocurrency and decentralized firms that could be compromised, North Korean hackers target employees with investment or employment lures under the guise of known contacts, said the FBI in an advisory. "North Korean malicious cyber actors routinely impersonate a range of individuals, including contacts a victim may know personally or indirectly. Impersonations can involve general recruiters on professional networking websites, or prominent people associated with certain technologies," noted the FBI, which added threat actors' usage of technical cryptocurrency language and legitimate-looking websites to be more convincing to potential victims. Such an alert follows previous FBI warnings regarding the impersonation of cryptocurrency exchange employees and law firms for fraudulent activity. Attacks against the cryptocurrency sector were reported by Recorded Future to have netted North Korean state-sponsored threat operations nearly $3 billion worth of cryptocurrency since 2017.
