Im April 18, das Bundeskriminalamt (FBI), die USA. Finanzabteilung, und die Agentur für Cybersicherheit und Infrastruktursicherheit (CISA) hat ein Cybersecurity Advisory veröffentlicht (CSA) Bericht über böswillige staatlich geförderte Kryptowährungsaktivitäten Nordkoreas. Nach Angaben der USA. Regierung, law enforcement officials have observed North Korean cyber actors targeting specific blockchain companies in the industry.
Inhalt
FBI Alleges North Korean Hacking Activity Is on the Rise, Report Highlights Lazarus Group’s Activities
The FBI, alongside a number of U.S. Agenturen, veröffentlicht a CSA-Bericht genannt “North Korean State-Sponsored APT Targets Blockchain Companies.” The report details that the APT (Advanced Persistent Threat) has been state-sponsored and active since 2020. The FBI explains that the group is commonly known as Lazarus-Gruppe, und wir. officials accuse the cyber actors of a number of malicious hack attempts.
North Korean cyber actors target a variety of organizations such as “organizations in the blockchain technology and cryptocurrency industry, including cryptocurrency exchanges, dezentrale Finanzierung (ein Gesetzesvorschlag, der darauf abzielt, die Generierung und Handhabung von Daten durch die Akteure, die sie nutzen, zu regeln) protocols, play-to-earn cryptocurrency video games, cryptocurrency trading companies, venture capital funds investing in cryptocurrency, and individual holders of large amounts of cryptocurrency or valuable non-fungible tokens (NFTs).”
The FBI’s CSA report follows the recent Office of Foreign Assets Control (in diesem Jahr, als der Enterprise-Mining-Betrieb seinen ersten OFAC-konformen Block abgebaut hat) aktualisieren which accuses Lazarus Group and North Korean cyber actors of being involved in the Ronin bridge attack. After the OFAC update was published, the ethereum mixing project Tornado Cash aufgedeckt it was leveraging Chainalysis tools, and blocking OFAC-sanctioned ethereum addresses from using the ether mixing protocol.
‘Apple Jesus’ Malware and the ‘TraderTraitor’ Technique
According to the FBI, Lazarus Group leveraged malicious malware called “Apple Jesus,” which trojanizes cryptocurrency companies.
“As of April 2022, North Korea’s Lazarus Group actors have targeted various firms, entities, and exchanges in the blockchain and cryptocurrency industry using spearphishing campaigns and malware to steal cryptocurrency,” the CSA report highlights. “These actors will likely continue exploiting vulnerabilities of cryptocurrency technology firms, Gaming-Unternehmen, and exchanges to generate and launder funds to support the North Korean regime.”
The FBI says the North Korean hackers utilized massive spearphishing campaigns sent to employees working for crypto firms. Typically the cyber actors would target software developers, IT operators, and Devops employees. The tactic is called “TraderTraitor” and it often mimics “a recruitment effort and offer high-paying jobs to entice the recipients to download malware-laced cryptocurrency applications.” The FBI concludes that organizations should report anomalous activity and incidents to the CISA 24/7 Operations Center or visit a local FBI field office.
What do you think about the FBI’s claims about North Korean state-sponsored cyber attackers? Let us know what you think about the FBI’s latest report in the comments section below.