NEWYou can now listen to Fox News articles!
The FBI, the Cybersecurity and Infrastructure Security Agency (CISA) and the Treasury Department on Monday warned of “malicious” cyber threats from North Korean state-sponsored actors seeking to exploit “vulnerabilities cryptocurrency technology firms, gaming companies, and exchanges” in the United States in an effort to “generate and launder funds” to support the North Korean regime.
In a joint advisory Monday, the agencies sought to “highlight the cyber threat associated with cryptocurrency thefts and tactics used by a North Korean state-sponsored advanced persistent threat group since at least 2020.”
The advisory states that the group is “commonly tracked” by the cybersecurity industry as “Lazarus Group, APT38, BlueNoroff, and Stardust Chollima.”
“The U.S. government has observed North Korean cyber actors targeting a variety of organizations in the blockchain technology and cryptocurrency industry, including cryptocurrency exchanges, decentralized finance (DeFi) protocols, play-to-earn cryptocurrency video games, cryptocurrency trading companies, venture capital funds investing in cryptocurrency, and individual holders of large amounts of cryptocurrency or valuable non-fungible tokens (NFTs),” the advisory states.
The agencies warned that the malicious cyber activity involves “social engineering of victims” using a “variety of communication platforms” to “encourage individuals to download trojanized cryptocurrency applications on Windows or macOS operating systems.”
“The cyber actors then use the applications to gain access to the victim’s computer, propagate malware across the victim’s network environment, and steal private keys or exploit other security gaps,” the agencies warned. “These activities enable additional follow-on activities that initiate fraudulent blockchain transactions.”