North Korean Hackers Targeting Japanese Crypto Exchanges

Updated on Nov 10, 2022 at 7:25 pm UTC by · 2 mins read
an image

A Royal United Services Institute (RUSI) report revealed that the growing crypto sector in Southeast Asia appears to have been a target for many hackers.

News from the Japanese media has disclosed that the infamous North Korean hacker group, Lazarus, has recently targeted Japanese crypto exchanges. According to the information said to have been provided by the National Police Agency, the exchanges are usually victims of phishing attacks. The hackers send malicious attachments in emails to targeted employees and lure them with deceptive captions to enable them to download. The North Korean hacker group is said to have attacked Japanese businesses for several years according to an investigation conducted by regional police and the NPA’s cybercrime unit.

North Korea has been under United Nations sanctions for more than 40 years and relies on cryptos to circumvent these restrictions. The country was reportedly behind the WannaCry attack in 2017. This affected more than 300,000 computers globally with Bitcoin demanded as ransom. In 2019, the United Nations (UN) Security Council expert panel disclosed that the country has stolen $670 million in fiat and cryptos. Last year, Shiba Inu and other cryptos worth $611 million were stolen in the Poly Network attack.

A Royal United Services Institute (RUSI) report revealed that the growing crypto sector in Southeast Asia appears to have been a target for these hackers.

“As a determined and sophisticated cyber actor in need of financial resources, North Korea is likely to continue to find ways of obtaining and exploiting cryptocurrencies…Because Southeast Asia is also hosting a growing number of cryptocurrency businesses and users, countries in the region could prove vulnerable to North Korea’s cryptocurrency-related activity as well,” said the report.

The North Korean hacker group conducted five successful attacks on Asian crypto exchanges in 2019 and stole about $571 million in cryptos.

Lazarus Job Offer Scams

Recently, it was reported that the Lazarus group posted malicious PDF documents on various crypto communities showing open vacancies on Crypto.com. Users who attempted to open the file had their devices hit by a trojan horse attack. This compromised their personal data and financial information. A couple of months ago, a similar job offer was posted on LinkedIn for an Engineering Manager, Product Security position at crypto exchange Coinbase. The same group has been accused by the United States Treasury Department for coordinating a $622 million attack on an Ethereum sidechain, Ronin Bridge.

Share:

Related Articles

Coinbase Transparency Report 2025: What Rising Data Requests from Regulators Mean for Crypto Users

By December 12th, 2025

Coinbase Transparency Report 2025 reveals a 19% increase in law enforcement data requests. Read on to learn how Coinbase protects your privacy.

Coinbase to “Specifically” Focus on Solana, SOL Price to Surge?

By December 11th, 2025

FTX and Alameda unstaked 194861 SOL, but analysts say Solana can handle it as Coinbase prepares a DEX feature for all Solana tokens.

PNC Bank Launches Direct Bitcoin Trading via Coinbase Crypto-as-a-Service

By December 9th, 2025

PNC Bank becomes the first major US banking institution to offer direct Bitcoin trading to qualified clients through a Coinbase partnership, eliminating the need for separate exchange accounts.

Exit mobile version