Dec 28, 2022
88 Views
Comments Off on North Korean hackers are pretending to be crypto VCs in new phishing scheme: Kaspersky
0 0

North Korean hackers are pretending to be crypto VCs in new phishing scheme: Kaspersky

Written by pinmin


State-sponsored Lazarus Group and associated hackers have had a busy year, and 2023 may see even more activity, the cybersecurity lab warned.

BlueNoroff, part of the North Korean state-sponsored Lazarus Group, has renewed its targeting of venture capital firms, crypto startups and banks. Cybersecurity lab Kaspersky reported that the group has shown a spike in activity after a lull for most of the year and is testing new delivery methods for its malware.

BlueNoroff has created more than 70 fake domains that mimic venture capital firms and banks. Most of the fakes presented themselves as well-known Japanese companies, but some also assumed the identity of United States and Vietnamese companies.

The group has been experimenting with new file types and other malware delivery methods, according to the report. Once in place, its malware evades Windows Mark-of-the-Web security warnings about downloading content and then goes on to “intercept large cryptocurrency transfers, changing the recipient’s address, and pushing the transfer amount to the limit, essentially draining the account in a single transaction.”

Related: North Korea’s Lazarus behind years of crypto hacks in Japan — Police

According to Kaspersky, the problem with threat actors is worsening. Researcher Seongsu Park said in a statement:

“The coming year will be marked by the cyber epidemics with the biggest impact, the strength of which has been never seen before. […] On the threshold of new malicious campaigns, businesses must be more secure than ever.”

The BlueNoroff subgroup of Lazarus was first identified after it attacked the Bangladeshi central bank in 2016. It was among a group of North Korean cyber threats the U.S. Cybersecurity and Infrastructure Security Agency and Federal Bureau of Investigation mentioned in an alert issued in April.

North Korean threat actors associated with the Lazarus Group have been spotted attempting to steal nonfungible tokens in recent weeks as well. The group was responsible for the $600-million Ronin Bridge exploit in March.

You can get bonuses upto $100 FREE BONUS when you:
💰 Install these recommended apps:
💲 SocialGood – 100% Crypto Back on Everyday Shopping
💲 Maiar – DeFi For The Next Billion
💲 CryptoTab Browser – Lightweight, fast, and ready to mine!
💰 Register on these recommended exchanges:
🟡 Binance🟡 Bitfinex🟡 Bitmart🟡 Bittrex🟡 Bitget
🟡 CoinEx🟡 Crypto.com🟡 Gate.io🟡 Huobi🟡 Kucoin.





<< Den vollständigen Artikel: North Korean hackers are pretending to be crypto VCs in new phishing scheme: Kaspersky >> hier vollständig lesen auf coinsnews.com.

Article Categories:
Finanzen

Comments are closed.