North Korean Hackers Targeting Japanese Crypto Exchanges

Updated on Nov 10, 2022 at 7:25 pm UTC by · 2 mins read
an image

A Royal United Services Institute (RUSI) report revealed that the growing crypto sector in Southeast Asia appears to have been a target for many hackers.

News from the Japanese media has disclosed that the infamous North Korean hacker group, Lazarus, has recently targeted Japanese crypto exchanges. According to the information said to have been provided by the National Police Agency, the exchanges are usually victims of phishing attacks. The hackers send malicious attachments in emails to targeted employees and lure them with deceptive captions to enable them to download. The North Korean hacker group is said to have attacked Japanese businesses for several years according to an investigation conducted by regional police and the NPA’s cybercrime unit.

North Korea has been under United Nations sanctions for more than 40 years and relies on cryptos to circumvent these restrictions. The country was reportedly behind the WannaCry attack in 2017. This affected more than 300,000 computers globally with Bitcoin demanded as ransom. In 2019, the United Nations (UN) Security Council expert panel disclosed that the country has stolen $670 million in fiat and cryptos. Last year, Shiba Inu and other cryptos worth $611 million were stolen in the Poly Network attack.

A Royal United Services Institute (RUSI) report revealed that the growing crypto sector in Southeast Asia appears to have been a target for these hackers.

“As a determined and sophisticated cyber actor in need of financial resources, North Korea is likely to continue to find ways of obtaining and exploiting cryptocurrencies…Because Southeast Asia is also hosting a growing number of cryptocurrency businesses and users, countries in the region could prove vulnerable to North Korea’s cryptocurrency-related activity as well,” said the report.

The North Korean hacker group conducted five successful attacks on Asian crypto exchanges in 2019 and stole about $571 million in cryptos.

Lazarus Job Offer Scams

Recently, it was reported that the Lazarus group posted malicious PDF documents on various crypto communities showing open vacancies on Crypto.com. Users who attempted to open the file had their devices hit by a trojan horse attack. This compromised their personal data and financial information. A couple of months ago, a similar job offer was posted on LinkedIn for an Engineering Manager, Product Security position at crypto exchange Coinbase. The same group has been accused by the United States Treasury Department for coordinating a $622 million attack on an Ethereum sidechain, Ronin Bridge.

Share:

Related Articles

Coinbase to Launch First CFTC-Regulated Perpetual Crypto Futures in US

By June 26th, 2025

Coinbase will introduce perpetual-style crypto futures trading in the US on July 21, marking the first major exchange to offer such derivatives under full CFTC oversight with initial support for nano Bitcoin and Ether contracts.

Coinbase Stock Soars Following Bullish $510 Forecast from Bernstein

By June 26th, 2025

Coinbase stock surged to a yearly high after Bernstein analysts cited its dominant position in the crypto industry and raised their price target to $510.

Coinbase Wins EU-Wide MiCA License in Luxembourg, Shifts Hub From Ireland

By June 20th, 2025

Coinbase has officially received its MiCA license from Luxembourg’s financial regulator, allowing the exchange to offer complete crypto services to 450 million EU residents across all 27 member states.

Exit mobile version