A North Korean government-backed hacking group has breached an American IT management company in an attempt to steal cryptocurrency, according to a report by Reuters.
The hackers, who are believed to be part of the Lazarus Group, gained access to the company’s systems by exploiting a vulnerability in its software. Once inside, they stole a significant amount of cryptocurrency; the exact amount has not been disclosed.
The Lazarus Group is a well-known hacking group that has been linked to a number of high-profile cyberattacks, including the WannaCry ransomware attack in 2017. The group is believed to be operating on behalf of the North Korean government, which is using the proceeds of its cyberattacks to fund its nuclear and missile programs.
The breach of the American IT management company is a reminder of the growing threat posed by North Korean hackers. The group has shown a willingness to target a wide range of organizations, including financial institutions, cryptocurrency exchanges, and government agencies.
Organizations that store or process cryptocurrency should be aware of the threat posed by North Korean hackers and take steps to protect their systems. This includes implementing strong security measures, such as multi-factor authentication and regular software updates.
In addition, organizations should be aware of the signs of a cyberattack, such as unusual email traffic, suspicious activity on their systems, and unauthorized access to sensitive data. If you suspect that your organization has been hacked, you should contact law enforcement immediately.
How North Korea Steals Crypto
North Korean hackers have been very successful at stealing cryptocurrency. In 2022 alone, they are estimated to have stolen $1.7 billion worth of crypto.
There are a number of ways that North Korean hackers steal crypto. One common method is to use phishing attacks. In a phishing attack, the hackers send an email that appears to be from a legitimate source, such as a cryptocurrency exchange or a financial institution. The email will often contain a malicious link or attachment that, when clicked, will install malware on the victim’s computer. The malware can then be used to steal the victim’s cryptocurrency.
Another method that North Korean hackers use to steal crypto is to exploit vulnerabilities in cryptocurrency exchanges and other crypto-related platforms. In 2021, for example, North Korean hackers exploited a vulnerability in the Ronin Network, a blockchain-based gaming platform, to steal $625 million worth of crypto.
Once North Korean hackers have stolen cryptocurrency, they typically launder it through “mixers”. Mixers are services that mix cryptocurrency from different users together, making it difficult to trace the origin of the funds.
North Korean hackers have also been known to use non-fungible tokens (NFTs) to launder cryptocurrency. NFTs are unique digital assets that can be used to represent ownership of real-world items, such as artwork or music. North Korean hackers can use NFTs to launder cryptocurrency by buying and selling them on NFT marketplaces.
What Can You Do to Protect Yourself?
There are a number of things that you can do to protect yourself from North Korean hackers. These include:
- Be aware of the signs of a phishing attack. Phishing emails often contain links or attachments that, when clicked, will install malware on your computer.
- Keep your software up to date. Software updates often include security patches that can help to protect your computer from malware.
- Use strong passwords and enable two-factor authentication for your cryptocurrency accounts.
- Be careful about what information you share online. Hackers can use information that you share online to target you with phishing attacks.
- Use a VPN when connecting to public Wi-Fi networks. A VPN will encrypt your traffic, making it more difficult for hackers on the same network to read it if they intercept it.
If you think that you may have been the victim of a cyberattack, you should immediately contact your cryptocurrency exchange or financial institution. You should also report the attack to law enforcement.