Hackers in North Korea stole a complete of $659 million in crypto throughout a number of heists in 2024, in accordance with a joint assertion issued at present by the US, Japan, and South Korea. The report specified 5 such incidents, just like the $235 million theft from the Indian crypto alternate WazirX that’s being newly attributed to the Lazarus Group. That group is estimated to have stolen billions throughout earlier assaults over the past decade, together with $625 million stolen from Axie Infinity in 2022.
As lately as September 2024, the USA authorities noticed aggressive concentrating on of the cryptocurrency trade by the DPRK with well-disguised social engineering assaults that finally deploy malware, resembling TraderTraitor, AppleJeus and others. The Republic of Korea and Japan have noticed related traits and techniques utilized by the DPRK.
A warning issued by the FBI final September famous that their strategies to achieve entry for delivering these payloads embody “individualized pretend eventualities,” resembling engaging victims with potential jobs and enterprise alternatives. All three international locations suggested companies within the trade to take a look at the newest warning to cut back their danger of “inadvertently hiring DPRK IT staff,” as described on this current report by CoinDesk.
They’ve additionally used long-time widespread phishing techniques in opposition to staff of crypto companies, resembling convincing impersonations of trusted contacts or outstanding individuals of curiosity in associated industries, with reasonable images and knowledge seemingly lifted from public social media accounts of identified connections.
