North Korean Hackers Targeting Digital Asset Companies with Sophisticated Social Engineering Campaigns

The U.S. ⁣Federal Bureau ‍of ​Investigation (FBI) has issued a warning to employees of digital asset⁤ companies‍ about recent cryptocurrency theft⁢ attempts by North Korea. In⁢ a recent ⁤bulletin, the FBI revealed that North Korean malicious cyber actors are targeting employees of decentralized finance and cryptocurrency companies to‌ steal funds through complex and sophisticated social‍ engineering campaigns.

How the Scam ​Works

Scammers use various methods to trick users, including offering fake job offers, investment opportunities, or posing as famous people related to a​ particular technology. The scammers may then offer “pre-employment tests”‌ or other download links ‌to trick users into installing malicious software. ​The FBI added​ that scammers typically ⁣engage in a ‍prolonged conversation with their victims to build trust and deliver the malware in a natural, non-threatening setting.

The ‌scammers communicate with their victims in fluent or near-fluent English and are well-versed in the technical aspects of the cryptocurrency space.

North Korean Hackers’ History‌ of Cryptocurrency Theft

Since 2017, North Korean hackers have been using this⁢ method to steal cryptocurrency. About $3 billion worth of cryptocurrency was stolen, with the Lazarus Group, a hacker group ​with ties to the reclusive ⁣state, being blamed for a number of high-profile cryptocurrency user ‍attacks.

Related News

ZachXBT claims 21 North Korean cryptocurrency ​developers are​ earning $500,000 ‌a month. The FBI has issued several warnings about cryptocurrency scammers, including attempts to ‌take over⁣ users’ accounts ⁣by pretending to be a cryptocurrency exchange employee.

Protecting Yourself from Cryptocurrency Scams

To avoid falling victim to these scams, it’s essential ​to be cautious when receiving unsolicited job offers or investment⁢ opportunities. Verify the authenticity of the offer and the company before providing any personal or financial information. Additionally, be wary of download links or attachments from unknown ⁢sources, as they may contain malicious software.