North Korean hackers are employing “complex and ornate” social engineering strategies to pilfer the cryptocurrency of the company from web3 employees.
North Korean cybercriminals are “aggressively targeting” personnel in the web3 industry to steal crypto funds, according to the United States Federal Bureau of Investigation (FBI).
The FBI stated in a release on Tuesday that North Korean actors employ sophisticated social engineering strategies to deceive individuals at cryptocurrency and decentralized finance (DeFi) firms in order to “compromise networks connected to cryptocurrency assets.” These schemes represent a “persistent hazard” to entities that possess substantial quantities of cryptocurrency or related products.
“Over the past few months, North Korean malicious cyber actors conducted research on a diverse array of targets associated with cryptocurrency exchange-traded funds (ETFs).” the FBI elaborated. “Pre-operational preparations were part of this investigation, which indicated that North Korean actors may undertake malicious cyber activities against companies that are associated with cryptocurrency ETFs or other cryptocurrency-related financial products.”
North Korean cybercriminals have gained and exploited the trust of potential targets by impersonating notable members within an employee’s company or fabricating false scenarios that are tailored to the victim’s background, skills, or business interests, in addition to conducting research on potential targets.
Begin your day with the most influential events and analyses occurring throughout the digital asset ecosystem.
Other strategies include requiring the victim to obtain an application on a device connected to the web3 company’s network, requesting non-standard software for basic duties like video conferences, or completing a diagnostic exercise that involves malicious code packages.
The FBI advises that companies refrain from instituting de-bugging exercises on company computers, implement systems to verify individuals via a distinct communications platform, and avoid storing crypto wallet information on internet-connected devices in order to prevent such threats.
The Block has already revealed that North Korean hackers got into private information at cryptocurrency companies by posting fake job openings. As of July 2024, North Korean thieves had stolen $3 billion worth of crypto assets.
Also Read: A Washington fundraiser is scheduled to be hosted by US crypto executives for Harris
