The United States FBI just issued an alert about sophisticated attacks from North Korean hackers against the cryptocurrency industry and companies associated with digital asset investment products.
Social engineering is on a new level
As FBI report detailed, the attacks primarily consist of complex social engineering tactics that are pretty difficult to detect.
The hackers conduct thorough research on multiple targets active in or connected to the crypto industry.
The FBI has observed pre-operational preparations, suggesting these bad actors may attempt malicious cyber activities against these companies through their employees.
“For companies active in or associated with the cryptocurrency sector, the FBI emphasizes North Korea employs sophisticated tactics to steal cryptocurrency funds and is a persistent threat to organizations with access to large quantities of cryptocurrency-related assets or products.”
Impersonation
Before attempting to gain unauthorized access to company networks and devices through employees, the hackers search for their prospective victims on social media, particularly professional networking and employment-related platforms.
They incorporate the target’s personal details regarding their background, employment, or business interests to create customized fictional scenarios, such as new employment or corporate investment offers.
Once the bad actors initiate contact with the targets, they strive to maintain rapport to build familiarity, trust, and a sense of legitimacy.
Then, they attack when the victims are unsuspecting or in situations that seem natural by delivering malware to their devices or company networks.
The attackers often impersonate high-profile individuals, technology experts, and recruiters on professional networking websites.
Then they may request to download applications or execute codes on company devices or networks, or requests to conduct pre-employment tests and debugging exercises, and insistence on using custom software for simple tasks.
“To increase the credibility of their impersonations, the actors leverage realistic imagery, including pictures stolen from open social media profiles of the impersonated individual. These actors may also use fake images of time-sensitive events to induce immediate action from intended victims.”
Beware, and be prepared!
The FBI warned crypto firms to remain alert and affected entities to take proper action to fix the issues before they cause bigger harm.
Many experts shared that as the crypto industry continues to grow, the threat of sophisticated attacks from North Korean hackers or other will likely persist.
Companies in the sector must stay vigilant, implement robust cybersecurity measures, and educate their employees.
