North Korea stole $659 million in crypto assets last year, the US says
The United States, Japan and South Korea have issued a warning against North Korean threat actors, who are actively and aggressively targeting the cryptocurrency industry. In their joint advisory, the countries said threat actor groups affiliated with the Democratic People’s Republic of Korea (DPRK) continue to stage numerous cybercrime campaigns to steal cryptocurrency. Those bad actors — including the Lazarus hacking group, which the US believes has been deploying cyber attacks all over the world since 2009 — target “exchanges, digital asset custodians and individual users.” And apparently, they stole $659 million in crypto assets in 2024 alone.
North Korean hackers have been using “well-disguised social engineering attacks” to infiltrate their targets’ systems, the countries said. They also warned that the actors could get access to systems owned by the private sector by posing as freelance IT workers. Back in 2022, the US issued guidelines on how to identify potential workers from North Korea, such as how they’d typically log in from multiple IP addresses, transfer money to accounts based in the People’s Republic of China, ask for crypto payments, have inconsistencies with their background information and be unreachable at times during their supposed business hours.
Once the bad actors are in, they then usually deploy malware, such as keyloggers and remote access tools, to be able to steal login credentials and, ultimately, virtual currency they can control and sell. As for where the stolen funds go: The UN issued a report in 2022, revealing its investigators’ discovery that North Korea uses money stolen by affiliated threat actors for its missile programs. “Our three governments strive together to prevent thefts, including from private industry, by the DPRK and to recover stolen funds with the ultimate goal of denying the DPRK illicit revenue for its unlawful weapons of mass destruction and ballistic missile programs,” the US, Japan and South Korea said.This article originally appeared on Engadget at https://www.engadget.com/cybersecurity/north-korea-stole-659-million-in-crypto-assets-last-year-the-us-says-133029741.html?src=rss
The United States, Japan and South Korea have issued a warning against North Korean threat actors, who are actively and aggressively targeting the cryptocurrency industry. In their joint advisory, the countries said threat actor groups affiliated with the Democratic People’s Republic of Korea (DPRK) continue to stage numerous cybercrime campaigns to steal cryptocurrency. Those bad actors — including the Lazarus hacking group, which the US believes has been deploying cyber attacks all over the world since 2009 — target “exchanges, digital asset custodians and individual users.” And apparently, they stole $659 million in crypto assets in 2024 alone.
North Korean hackers have been using “well-disguised social engineering attacks” to infiltrate their targets’ systems, the countries said. They also warned that the actors could get access to systems owned by the private sector by posing as freelance IT workers. Back in 2022, the US issued guidelines on how to identify potential workers from North Korea, such as how they’d typically log in from multiple IP addresses, transfer money to accounts based in the People’s Republic of China, ask for crypto payments, have inconsistencies with their background information and be unreachable at times during their supposed business hours.
Once the bad actors are in, they then usually deploy malware, such as keyloggers and remote access tools, to be able to steal login credentials and, ultimately, virtual currency they can control and sell. As for where the stolen funds go: The UN issued a report in 2022, revealing its investigators’ discovery that North Korea uses money stolen by affiliated threat actors for its missile programs. “Our three governments strive together to prevent thefts, including from private industry, by the DPRK and to recover stolen funds with the ultimate goal of denying the DPRK illicit revenue for its unlawful weapons of mass destruction and ballistic missile programs,” the US, Japan and South Korea said.
This article originally appeared on Engadget at https://www.engadget.com/cybersecurity/north-korea-stole-659-million-in-crypto-assets-last-year-the-us-says-133029741.html?src=rss