The Federal Bureau of Investigation FBI has warned that North Korean hackers are now aimed at US cryptocurrency exchange-traded funds ETFs in order to steal the same. These hackers are using highly complex exploitation in the nature of social engineering to gain access to the companies that deal in the financial products.
Of interest, the FBI mentions that, at the moment, the Democratic People’s Republic of Korea (DPRK) seems to be focusing on targeted, highly specialized social engineering attacks on employees in the DeFi and cryptocurrency sphere. These attacks are well planned and usually entail elaborate schemes whereby the attacker studies his target and comes up with a plan that touches on the targets’ interests and people close to them.
“Several targets associated with cryptocurrency ETFs have been researched by North Korean cyber actors in the past few months,” the FBI said. It also leads one to presuppose that the North Korean hackers might be planning to launch cybercrimes on corporations linked to cryptocurrency ETFs or other related investment products.
To its credit, the FBI also stressed that these North Korean hackers remain active and continue to target organisations with large amounts of cryptocurrencies. Some of the approaches that they utilize are identity theft where the attackers pretend to be close friends of their targets, creation of fake stories such as fake jobs or fake investment opportunities, and continuous and unrelenting messaging which deliver malware to the targets.
The agency stated that they recommend companies into the cryptocurrency space to employ what the agency refers to as security controls thereby enforcing measures like multi-factor authentication, limitation of the access to sensitive information and confirming contacts through at least two channels. Also, the FBI suggests organisations managing large cryptocurrency holdings remain particularly vigilant to counter these emerging threats.