The Federal Bureau of Investigation (FBI) issued a hacking alert on Tuesday warning that North Korea was aggressively targeting the cryptocurrency industry, using complex and elaborate schemes that render “well versed” cybersecurity experts vulnerable to attacks.
North Korea is conducting “highly tailored, difficult-to-detect social engineering campaigns against employees of decentralized finance (DeFi), cryptocurrency, and similar businesses to deploy malware and steal company cryptocurrency,” said the Sept. 3 alert. Over the past months, hackers from the communist nation have carried out research on a variety of targets connected to exchange-traded funds (ETFs), it noted.
“This research included pre-operational preparations suggesting North Korean actors may attempt malicious cyber activities against companies associated with cryptocurrency ETFs or other cryptocurrency-related financial products.”
The FBI outlined multiple social engineering tactics employed by North Korean hackers. The criminals may seek to influence employees at DeFi or cryptocurrency-related businesses to secure unauthorized access to networks.
For this, the threat actors identify prospective victims by reviewing social media activity, specifically employment platforms.
The hackers approach targets with new employment or corporate investment offers. “The actors usually attempt to initiate prolonged conversations with prospective victims to build rapport and deliver malware in situations that may appear natural and non-alerting,” the FBI stated.