North Korea Aggressively Targeting Crypto Industry with Well-Disguised Social Engineering Attacks


The Democratic People’s Republic of Korea (“DPRK” aka North Korea) is conducting highly tailored, difficult-to-detect social engineering campaigns against employees of decentralized finance (“DeFi”), cryptocurrency, and similar businesses to deploy malware and steal company cryptocurrency.

North Korean social engineering schemes are complex and elaborate, often compromising victims with sophisticated technical acumen. Given the scale and persistence of this malicious activity, even those well versed in cybersecurity practices can be vulnerable to North Korea’s determination to compromise networks connected to cryptocurrency assets. North Korean malicious cyber actors conducted research on a variety of targets connected to cryptocurrency exchange-traded funds (ETFs) over the last several months.

Read more…
Source: U.S. Federal Bureau of Investigation Cyber Division


Sign up for our Newsletter


Related:

  • Half of anti-malware products fail to recognize notable threats

    August 17, 2020

    Most popular, well-established cybersecurity solutions do not protect their users from all notable threats, according to new analysis from SE Labs. The security firm tested 14 of the world’s most popular cybersecurity solutions and, while products from Microsoft and Kaspersky Lab scored 100 percent, more than half failed to identify all threats. “While the numbers of ‘misses’ ...

  • How Unsecure gRPC Implementations Can Compromise APIs, Applications

    August 17, 2020

    Enterprises are turning to microservice architecture to build future-facing applications. Microservices allow enterprises to efficiently manage infrastructure, easily deploy updates or improvements, and help IT teams innovate, fail, and learn faster. It also allows enterprises to craft applications that can easily scale with demand. Additionally, as enterprises switch architectures — jumping from the traditional monolithic to ...

  • Business technology giant Konica Minolta hit by new ransomware

    August 16, 2020

    Business technology giant Konica Minolta was hit with a ransomware attack at the end of July that impacted services for almost a week, BleepingComputer has learned. Konica Minolta is a Japanese multinational business technology giant with almost 44,000 employees and over $9 billion in revenue for 2019. Read more… Source: Bleeping Computer  

  • Canada suffers cyberattack used to steal COVID-19 relief payments

    August 16, 2020

    Canadian government sites used to provide access to crucial services for immigration, taxes, pension, and benefits have been breached in a coordinated attack to steal COVID-19 relief payments. The online portal referred to as GCKey is acritical single sign-on (SSO) system used by the public to access multiple Canadian government services. Read more… Source: Bleeping Computer  

  • Online crime in Africa a bigger threat than ever before, INTERPOL report warns

    August 14, 2020

    Despite lower online connectivity, organized crime groups are using online tools for a range of illicit activities A new INTERPOL report on online organized crime in Africa shows how digitalization is transforming almost every major crime area across the continent. “Online crime now represents a bigger security issue for law enforcement in Africa than ever before,” reads ...

  • Patch List: Adobe, Citrix, Intel, and vBulletin Vulns

    August 14, 2020

    Vulnerabilities expose enterprises’ systems to compromise. Now that many employees are working from home and operating devices outside the more secure office environments, the need to patch vulnerabilities as soon as they are discovered has become even more pressing. Aside from Microsoft, the following vendors also released patches recently: Adobe, Citrix, Intel, and vBulletin. We rounded ...