North Korean Hackers Pretend to Be Officials and Journalists to Steal Crypto
South Korea’s National Police Agency has reported that North Korean hackers are attempting to deceive victims by posing as South Korean officials and journalists in order to steal cryptocurrency. Between March and October 2023, cybercriminals linked to the Democratic People’s Republic of Korea (DPRK) stole information from 1,468 victims, including government officials. The hackers are using email phishing tactics, pretending to be organizations such as the South Korean National Police Agency, National Health Insurance Service, National Pension Service, and National Tax Service. They use clickbait words like “notice” or “questionnaire” to entice victims into clicking on links that contain malware.
Once the victim clicks on the link, hidden channels are created on their computer or mobile device to steal personal data. The police suspect that this recent activity is part of North Korea’s ongoing efforts to steal cryptocurrency, as some victims’ IDs and profiles were used to access their crypto trading accounts. However, the report does not disclose which specific crypto platforms were targeted.
In November 2023, it was reported that the Lazarus hacking group from North Korea had begun distributing a malicious Python app disguised as a crypto arbitrage bot via a direct message on a public Discord server. This malware, known as Kandykorn, is being spread through a ZIP archive.
Hot Take: North Korean Hackers Expanding Tactics for Cryptocurrency Theft
North Korean hackers continue to evolve their tactics in an attempt to steal cryptocurrency from unsuspecting victims. By impersonating South Korean officials and journalists and using email phishing techniques with enticing clickbait words, these cybercriminals are successfully gaining access to personal data and potentially compromising crypto trading accounts. This latest wave of attacks highlights the increasing sophistication and determination of North Korea in their pursuit of digital assets. It is crucial for individuals and organizations to remain vigilant and employ strong security measures to protect themselves from falling victim to these malicious activities. As the crypto industry grows, so do the threats, and it is essential to stay informed and take proactive steps to safeguard your crypto assets.