The Democratic People’s Republic of Korea (“DPRK” aka North Korea) is conducting highly tailored, difficult-to-detect social engineering campaigns against employees of decentralized finance (“DeFi”), cryptocurrency, and similar businesses to deploy malware and steal company cryptocurrency.
North Korean social engineering schemes are complex and elaborate, often compromising victims with sophisticated technical acumen. Given the scale and persistence of this malicious activity, even those well versed in cybersecurity practices can be vulnerable to North Korea’s determination to compromise networks connected to cryptocurrency assets. North Korean malicious cyber actors conducted research on a variety of targets connected to cryptocurrency exchange-traded funds (ETFs) over the last several months.
Read more…
Source: U.S. Federal Bureau of Investigation Cyber Division
Related:
- Newly-Discovered Vulnerabilities Could Allow for Bypass of Spectre Mitigations in Linux
March 29, 2021
Two new vulnerabilities have been patched in the Linux kernel which, if exploited, could bypass existing mitigations for the Spectre vulnerabilities. The vulnerabilities were discovered by Piotr Krysiuk, a researcher on Symantec’s Threat Hunter team, who reported them to the Linux kernel security team. If left unpatched, the vulnerabilities mean that existing Spectre protections will ...
- Ransomware admin is refunding victims their ransom payments
March 28, 2021
After recently announcing the end of the operation, the administrator of Ziggy ransomware is now stating that they will also give the money back. It appears that this is a planned move since the admin shared the “good news” a little over a week ago, but gave no details. Shutdown followed by money-back move Ziggy ransomware shut down ...
- The security dilemma of smart factories [Part 1] Specificity of the programming languages used to move industrial robots
March 26, 2021
Industrial robots are the core of the automation of manufacturing processes in smart factories, and are the most important components as they support the manufacture of all kinds of products such as automobiles, aircraft, processed foods, and pharmaceuticals. In addition, as equipment that realizes unmanned manufacturing in the post-COVID-19 world where minimal or no contact ...
- Alleged Members of Egregor Ransomware Cartel Arrested
March 26, 2021
hree alleged members of the Egregor ransomware cartel were apprehended in Ukraine in a crackdown conducted by the French and Ukrainian authorities last month. The arrests were also made possible with the help of private-public sector partnerships, which include Trend Micro. About Egregor ransomware Since its first appearance in September 2020, Egregor ransomware has been involved in ...
- Insurance Giant CNA Hit with Novel Ransomware Attack
March 26, 2021
A novel ransomware attack forced insurance giant CNA to take systems offline and temporarily shutter its website. The attack occurred earlier this week and leveraged a new variant of the Phoenix CryptoLocker malware. The Chicago-based company—the seventh largest commercial insurance provider in the world—said it “sustained a sophisticated cybersecurity attack” on Sunday, March 21, according to ...
- Threat Assessment: Matrix Ransomware
March 26, 2021
Matrix is a ransomware family that was first identified publicly in December 2016. Over the years since its inception, it has primarily targeted small- to medium-sized organizations. As of 2019, it had been observed across geographic locations such as the U.S., Belgium, Taiwan, Singapore, Germany, Brazil, Chile, South Africa, Canada and the UK. While initially leveraging ...

