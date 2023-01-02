
Markets Insider

North Korean hackers are posing as VC firms to steal crypto - and a blockchain expert says 2023 could bring more cyberattacks than ever

By Phil Rosen
North Korean Leader Kim Jong Un. KCNA via Reuters
  • North Korea's infamous Lazarus Group is mimicking venture capital firms and banks to steal cryptocurrencies, according to Kaspersky.
  • The state-sponsored cybercrime group is creating domains that present themselves as well-known Japanese, US and Vietnamese companies.
  • Lazarus was behind the $625 million Axie Infinity hack in April.

North Korea's infamous Lazarus Group is mimicking venture capital firms and banks to steal cryptocurrency, according to a report from cybersecurity company Kaspersky.

The state-sponsored cybercrime group, which was behind the $625 million Axie Infinity hack in April, is creating domains that present themselves as well-known Japanese, US and Vietnamese companies.

Kaspersky said Lazarus' BlueNoroff subgroup is using new types of malware delivery methods that bypass security warnings about downloading content. They can then "intercept large cryptocurrency transfers, changing the recipient's address, and pushing the transfer amount to the limit, essentially draining the account in a single transaction."

While BlueNoroff has been quiet for most of the year, Kaspersky researchers said there's been a recent uptick in activity. The FBI flagged the North Korean group in an alert in April.

Kaspersky's lead security researcher said in a statement that 2023 will be marked by cyberattacks of unprecedented strength, and companies must work diligently to bolster security measures.

Hackers will become increasingly sophisticated

Ari Redbord, head of legal and government affairs at blockchain analytics firm TRM Labs, estimated that North Korea was responsible for more than $1 billion of the record $3.7 billion that crypto hackers around the globe swindled over the past year.

"When you're talking about billions of dollars and North Korea, you're talking about a country with essentially no GDP, so they've essentially created an economy laundering cryptocurrency and we know those funds aren't going to fund a lifestyle," Redbord told Insider. "They'll be used for nuclear proliferation or ballistic missile systems. In 2022, these hacks moved from being a law enforcement issue to being a national security issue."

In his view, 2022 was the year of the hack. While FTX's crash and the so-called crypto winter dominated headlines, more pressing has been the crypto businesses getting attacked at an "alarming speed and scale."

Over recent months, hackers have impersonated job recruiters and targeted specific individuals who had access to private keys. They've also used initial token offerings and social media to launch attacks, Redbord added.

He said North Korean crypto hackers seek out two key characteristics in targets: a high volume of liquidity and vulnerable cyberdefenses. Because of the nascent nature of the space, crypto companies exemplify both.

"The tactics North Korea are engaging in are becoming more sophisticated," Redbord said. "There's a sense out there that 'phishing' means casting a wide net, but the reality is these are extremely targeted, highly sophisticated activities."
