The Federal Bureau of Investigation (FBI) has issued a hacking alert, warning that North Korea is aggressively targeting the cryptocurrency industry. The FBI stated that North Korean hackers are using complex and elaborate schemes that make even well-versed cybersecurity experts vulnerable to attacks.
According to the FBI’s alert, North Korea is conducting highly tailored social engineering campaigns against employees of decentralized finance (DeFi), cryptocurrency, and similar businesses. The goal is to deploy malware and steal company cryptocurrency. Over the past months, hackers from North Korea have been researching various targets connected to exchange-traded funds (ETFs).
The FBI outlined multiple social engineering tactics employed by these hackers. They may try to influence employees at DeFi or cryptocurrency-related businesses in order to gain unauthorized access to networks. The threat actors identify potential victims by reviewing their social media activity, particularly on employment platforms.
Once they have identified a target, the hackers approach them with new employment or corporate investment offers. They engage in prolonged conversations with prospective victims in order to build rapport and deliver malware without raising suspicion.
The FBI emphasized that North Korea poses a persistent threat to organizations with large quantities of crypto assets. Even those who are well-versed in cybersecurity practices can be vulnerable due to the determination of these hackers.
In recent years, North Korean hackers have been responsible for several high-profile attacks against crypto firms. For example, in June 2022, $100 million worth of crypto assets were stolen from U.S.-based firm Harmony by a hacking group linked to North Korea called Lazarus.
According to TRM Labs’ report from January 2024, hackers linked to North Korea stole at least $600 million in cryptocurrency last year alone. This accounted for almost one-third of all funds stolen through crypto hacks in 2023.
U.S.-based firm Chainalysis estimates that last year alone, North Korea-linked hackers stole over $1 billion worth of cryptocurrencies. While this was lower than the previous year’s total of $1.7 billion, it marked a record-high number of hacks.
The White House has called for further legislation on cryptocurrencies due to hacking activities originating from this specific geographic region. South Korea has accused its northern neighbor of employing hackers who stole $1.2 billion in digital assets.
The United Nations is reportedly investigating these activities as well and has stated that it is looking into cyberattacks by North Korea on cryptocurrency-related companies between 2017 and 2023 valued at approximately $3 billion.