Japan, South Korea, and the US warned the global crypto industry about threats posed by hacks attributed to North Korean actors in a joint statement published on Jan. 14.

According to the statement, groups allegedly tied to the Democratic People’s Republic of Korea (DPRK) are targeting exchanges, crypto custodians, and individual users. It highlighted the activity of the notorious “Lazarus Group,” which continues to engage in highly strategic cybercrime campaigns.  

The authorities highlighted high-profile hacks in 2024, such as the DMM Bitcoin, Upbit, and Rain Management, all of which are tied to North Korean actors. These hacks resulted in over $370 million in losses cumulatively.

Additionally, retrospective analyses have revealed significant breaches in 2023, including a $235 million theft on WazirX and the $50 million hack of the money market Radiant Capital.

Evolving tactics

The statement also highlighted the use of social engineering and malware strategies. It highlighted tools such as TraderTraitor and AppleJeus deployed in targeted attacks to infiltrate and compromise victims. 

Governments have also observed a trend of DPRK IT workers embedded within global private sector organizations, posing insider threats.  

To address these risks, the US, South Korea, and Japan have issued numerous advisories urging businesses, particularly in the blockchain and freelance industries, to vet their workforce and rigorously bolster cybersecurity measures.  

Furthermore, the trilateral warning emphasizes the importance of deeper collaboration between governments and private sector stakeholders. 

In the US, initiatives such as the Illicit Virtual Asset Notification (IVAN) program, the Cryptoasset and Blockchain Information Sharing and Analysis Center (Crypto-ISAC), and the Security Alliance (SEAL) have been launched to improve incident respon

Go to Source to See Full Article
Author: Gino Matos