By
Temitope Olatunji
April 18th, 2024
A Royal United Services Institute (RUSI) report revealed that the growing crypto sector in Southeast Asia appears to have been a target for many hackers.
News from the Japanese media has disclosed that the infamous North Korean hacker group, Lazarus, has recently targeted Japanese crypto exchanges. According to the information said to have been provided by the National Police Agency, the exchanges are usually victims of phishing attacks. The hackers send malicious attachments in emails to targeted employees and lure them with deceptive captions to enable them to download. The North Korean hacker group is said to have attacked Japanese businesses for several years according to an investigation conducted by regional police and the NPA’s cybercrime unit.
North Korea has been under United Nations sanctions for more than 40 years and relies on cryptos to circumvent these restrictions. The country was reportedly behind the WannaCry attack in 2017. This affected more than 300,000 computers globally with Bitcoin demanded as ransom. In 2019, the United Nations (UN) Security Council expert panel disclosed that the country has stolen $670 million in fiat and cryptos. Last year, Shiba Inu and other cryptos worth $611 million were stolen in the Poly Network attack.
A Royal United Services Institute (RUSI) report revealed that the growing crypto sector in Southeast Asia appears to have been a target for these hackers.
“As a determined and sophisticated cyber actor in need of financial resources, North Korea is likely to continue to find ways of obtaining and exploiting cryptocurrencies…Because Southeast Asia is also hosting a growing number of cryptocurrency businesses and users, countries in the region could prove vulnerable to North Korea’s cryptocurrency-related activity as well,” said the report.
The North Korean hacker group conducted five successful attacks on Asian crypto exchanges in 2019 and stole about $571 million in cryptos.
Lazarus Job Offer Scams
Recently, it was reported that the Lazarus group posted malicious PDF documents on various crypto communities showing open vacancies on Crypto.com. Users who attempted to open the file had their devices hit by a trojan horse attack. This compromised their personal data and financial information. A couple of months ago, a similar job offer was posted on LinkedIn for an Engineering Manager, Product Security position at crypto exchange Coinbase. The same group has been accused by the United States Treasury Department for coordinating a $622 million attack on an Ethereum sidechain, Ronin Bridge.