Federal authorities say the notorious North Korean hacker collective known as Lazarus is apparently targeting the multi-billion-dollar United States spot crypto exchange-traded funds (ETFs).
On Tuesday, the Federal Bureau of Investigation (FBI) issued a public warning, cautioning users and highlighting the increasing threat posed by the North Korean hacking group.
The FBI said that the hackers’ research has been underway for months and is focused on identifying vulnerabilities in companies associated with crypto ETF products.
According to an agency notification, this activity may be a precursor to attempts to compromise these firms through malicious cyber attacks.
“This research included pre-operational preparations suggesting North Korean actors may attempt malicious cyber activities against companies associated with cryptocurrency ETFs or other cryptocurrency-related financial products,” the FBI’s notice read.
The notification warned of a sophisticated social engineering campaign in which hackers posing as trusted contacts or potential investors may use fabricated scenarios or malware to gain access to companies’ systems.
The agency described the hackers as “persistent” and adept at crafting convincing communications that are difficult to detect.
The North Korean hacking group is among the most relentless cybercriminals in the crypto space.
They are known for using the latest technological advancements and social engineering techniques to steal crypto.
Last year, the FBI warned that the North Korean hacking group was actively trying to breach crypto investment firms by applying for jobs at these companies.
The scam’s modus operandi was to obtain remote employment at US crypto companies by faking credentials online. Once selected, the hackers would get access to the company’s systems, which would allow them to breach the firm and steal crypto using malware attacks.
Amid the growing risk of cyber attacks from the Lazarus group, the FBI asked crypto companies to be more vigilant with their day-to-day operations.
The agency asked crypto companies to limit access to sensitive information and to verify contacts’ identities through multiple channels.
According to US official records, the Lazarus Group has amassed a staggering $2 billion in stolen cryptocurrency assets.
Despite being sanctioned by the US in 2019 and facing repeated disruptions, the group has consistently adapted and refashioned its tactics to evade detection and stay ahead of its targets.
The group’s attacks have become increasingly sophisticated, targeting high-profile victims with remarkable success. Recovery of stolen assets has proven nearly impossible.
The latest victim to fall prey to Lazarus Group’s tactics was India’s largest crypto exchange, WazirX.
In July, the hackers breached the exchange’s security and made off with a staggering $235 million.
According to the investigation, the group managed to circumvent WazirX’s know-your-customer (KYC) protocol by registering on the exchange just ten days before the heist. This allowed them to access and plunder millions in Ethereum and Ethereum-based tokens from multiple segregated cold wallets.