Source:https:\/\/techcrunch.com\/2022\/04\/19\/north-korea-blockchain-crypto\/<\/a><\/br>
\nNorth Korean hackers are targeting blockchain companies with malicious crypto-stealing apps<\/br>
\n2023-01-20 22:54:12<\/br><\/p>\n

\n

\n\t\t\t\n\t\t<\/div>\n<\/p><\/div>\n

\n

The U.S. government has warned that North Korean state-backed hackers known as the Lazarus Group<\/a> are targeting organizations in the blockchain<\/a> industry using trojanized cryptocurrency applications.<\/p>\n

In a joint advisory issued on Monday<\/a>, the FBI, CISA and the U.S. Treasury said they had observed the North Korean-backed threat actors targeting a variety of organizations in the blockchain and cryptocurrency industries, including crypto exchanges, cryptocurrency trading companies, venture capital funds that have invested in cryptocurrency and individuals known to hold large amounts of cryptocurrency or valuable non-fungible tokens<\/a> (NFTs) and play-to-earn video games.<\/p>\n

The warning comes just days after U.S. officials linked Lazarus to the recent theft of $625 million in cryptocurrency<\/a> from Ronin, an Ethereum<\/a>-based sidechain made for the popular play-to-earn game Axie Infinity<\/a>, after exploiting a vulnerability in the network.<\/p>\n

The North Korean-backed hackers are targeting employees of cryptocurrency companies using social engineering tactics across a variety of communication platforms. The advisory warns that the attackers would send highly targeted spoofed emails \u2014 known as \u201cspearphishing\u201d \u2014 that would include a high-paying job offer to try to entice the victim to download the trojanized cryptocurrency applications, an operation which the U.S. government refers to as \u201cTraderTraitor.\u201d This appears to be a continuation of the so-called \u201cDream Job\u201d campaign<\/a> that was first observed in 2020 and saw the hackers target workers in the defense, aerospace and chemical sectors.<\/p>\n

These malicious apps propagate malware across the victim\u2019s network environment and steal private keys or exploit other security gaps, which allows the hackers to carry out follow-on activities, such as making fraudulent blockchain transactions. The U.S. agencies highlight a number of malicious TraderTraitor apps used in these campaigns<\/a>, including Dafom, CryptAIS, AlticGO, Esilet and CreAI deck, all of which purport to offer services such as portfolio building and real-time cryptocurrency price predictions.<\/p>\n

The advisory, which also includes indicators of compromise (IOCs) and information on tactics, techniques and procedures (TTPs) employed in these attacks, urges organizations in the blockchain and cryptocurrency industries to strengthen their defenses.<\/p>\n

\u201cNorth Korean state-sponsored cyber actors use a full array of tactics and techniques to exploit computer networks of interest, acquire sensitive cryptocurrency-intellectual property, and gain financial assets,\u201d the agencies said. \u201cThese actors will likely continue exploiting vulnerabilities of cryptocurrency technology firms, gaming companies, and exchanges to generate and launder funds to support the North Korean regime.\u201d<\/p>\n

Last year, U.S. agencies shared information on malicious crypto-trading applications injected with AppleJeus malware, which was used by Lazarus<\/a> to steal cryptocurrency from individuals and companies worldwide. North Korea has long used cryptocurrency-stealing operations to fund its nuclear weapons program.<\/p>\n<\/p><\/div>\n

<\/br><\/br><\/br><\/p>\n

Tech, Technology<\/br>
\n<\/br>
\nSource:https:\/\/techcrunch.com\/2022\/04\/19\/north-korea-blockchain-crypto\/<\/a><\/br><\/br><\/p>\n","protected":false},"excerpt":{"rendered":"

Source:https:\/\/techcrunch.com\/2022\/04\/19\/north-korea-blockchain-crypto\/ North Korean hackers are targeting blockchain companies with malicious crypto-stealing apps 2023-01-20 22:54:12 The U.S. government has warned that North Korean state-backed hackers known as the Lazarus Group are targeting organizations in the blockchain industry using trojanized cryptocurrency applications. In a joint advisory issued on Monday, the FBI, CISA and the U.S. Treasury said […]<\/p>\n","protected":false},"author":1,"featured_media":16900,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"nf_dc_page":"","om_disable_all_campaigns":false,"pagelayer_contact_templates":[],"_pagelayer_content":"","_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[17,8],"tags":[],"class_list":["post-16899","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-tech","category-technology"],"yoast_head":"\n