North Korean hackers are pretending to be crypto VCs in new phishing scheme: Kaspersky

State-sponsored Lazarus Group and associated hackers have had a busy year, and 2023 may see even more activity, the cybersecurity lab warned.

BlueNoroff, part of the North Korean state-sponsored Lazarus Group, has renewed its targeting of venture capital firms, crypto startups and banks. Cybersecurity lab Kaspersky reported that the group has shown a spike in activity after a lull for most of the year and is testing new delivery methods for its malware.

BlueNoroff has created more than 70 fake domains that mimic venture capital firms and banks. Most of the fakes presented themselves as well-known Japanese companies, but some also assumed the identity of United States and Vietnamese companies.

The group has been experimenting with new file types and other malware delivery methods, according to the report. Once in place, its malware evades Windows Mark-of-the-Web security warnings about downloading content and then goes on to “intercept large cryptocurrency transfers, changing the recipient’s address, and pushing the transfer amount to the limit, essentially draining the account in a single transaction.”

According to Kaspersky, the problem with threat actors is worsening. Researcher Seongsu Park said in a statement:

“The coming year will be marked by the cyber epidemics with the biggest impact, the strength of which has been never seen before. […] On the threshold of new malicious campaigns, businesses must be more secure than ever.”

The BlueNoroff subgroup of Lazarus was first identified after it attacked the Bangladeshi central bank in 2016. It was among a group of North Korean cyber threats the U.S. Cybersecurity and Infrastructure Security Agency and Federal Bureau of Investigation mentioned in an alert issued in April.

North Korean threat actors associated with the Lazarus Group have been spotted attempting to steal nonfungible tokens in recent weeks as well. The group was responsible for the $600-million Ronin Bridge exploit in March.
