According to the FBI, cyber factors in North Korea use advanced social engineering campaigns against cryptocurrency operations.
In the announcement of the public services (PSA), which was published today, the agency warns that Hackgroups from the Democratic People’s Republic of Korea focus on employees in cryptocurrency, decentralized finances and related companies, with a view to stealing cryptocurrency.
The attacks, advises the FBI, are tailor -made and difficult to detect.
Malicious cyber actors conduct extensive exploration and research to identify their target victims. This includes investigating their social media activities, especially on professional networking sites.
They then build advanced fictional scenarios to lure in individuals, with details that, according to the victims, are only known to their real contacts. The scenarios, the FBI said, often include offers from employment or investments.
The attackers then build a report with the victim over time. They sometimes go further, which occur as the contacts of the victim stolen with the help of both photos of open social media sites and fake images of time -sensitive events.
The attackers then ask the victim to perform non-standard software or scripts, or ask to move the conversation to another message platform to complete the attack.
Read more about cyber attacks against crypto companies: Unicoin staff sent from G-suite in Mystery Attack
Organizations insisted on reducing risks
The PSA advises organizations to improve how they protect crypto portfolios, have methods to verify the identities of contacts and “to lead business communication to closed platforms and require authentication.”
“One of the most important facts that the FBI details are that the Noord -Korean threat factors are willing to make long -term communication with victims and are willing to take the time to settle fully as a trusted person in which they offer a scenario in which the execution of software is useful,” warned Max Gannon, Warnon Comense.
He advises to conduct job interviews or before the service, away from work equipment.
“These advanced campaigns are reportedly able to fool even technically well -informed cyber security professionals, but maintaining a high degree of suspicion for online interactions, even those who seem legitimate can drastically reduce the risk of compromise,” he said.
Research earlier this year showed that twice as much was stolen from Crypto fairs in the first half of 2024, compared to the same period in 2023. TRM Labs discovered that criminal hackers $ 1.38 billion stable.