US Crypto ETFs at Risk? FBI Warns of Growing North Korean Hacker Threat

Published September 4, 2024 11:21 AM
Prashant Jha
Verified by Insha Zia
Key Takeaways
  • The FBI warned that North Korean hackers may look to breach crypto funds linked to crypto ETFs.
  • FBI issues a list of complex social engineering techniques hackers may deploy to breach crypto firms.
  • Lazarus is among the most notorious crypto hacker groups, having stolen over $2 billion in crypto.

Federal authorities say the notorious North Korean hacker collective known as Lazarus is apparently targeting the multi-billion-dollar US spot crypto exchange-traded funds (ETFs).

On Tuesday, the Federal Bureau of Investigation (FBI) issued a public warning, cautioning users and highlighting the increasing threat posed by the North Korean hacking group.

North Korean Hackers Eye Bitcoin ETF Funds

The FBI said that hackers’ research has been underway for months and is focused on identifying vulnerabilities in companies associated with crypto ETF products.

According to an agency notification, this activity may be a precursor to attempts to compromise these firms through malicious cyber attacks.

“This research included pre-operational preparations suggesting North Korean actors may attempt malicious cyber activities against companies associated with cryptocurrency ETFs or other cryptocurrency-related financial products,” the FBI’s notice read.

The notification warned of a sophisticated social engineering campaign in which hackers posing as trusted contacts or potential investors may use fabricated scenarios or malware to gain access to companies’ systems.

The agency described the hackers as “persistent” and adept at crafting convincing communications that are difficult to detect.

North Korean Hackers’ Crypto Pursuit

The North Korean hacking group is among the most relentless cybercriminals in the crypto space.

They are known for using the latest technological advancements and social engineering techniques to steal crypto.

Last year, the FBI warned that the North Korean hacking group was actively trying to breach crypto investment firms by applying for jobs in these companies.

The scam’s modus operandi was to get remote employment in US crypto companies by faking credentials online. Once hired, the hackers would gain access to the companies’ systems, which would allow them to breach them and steal crypto using malware attacks.

Amid the growing risk of cyber attacks from the Lazarus group, the FBI asked crypto companies to be more vigilant with their day-to-day operations.

The agency asked crypto companies to limit access to sensitive information and verify contacts’ identities through multiple channels.

Lazarus Group Has Stolen Billions in Crypto

According to US official records, the Lazarus Group has amassed a staggering $2 billion in stolen cryptocurrency assets.

Despite being sanctioned by the US in 2019 and facing repeated disruptions, the group has consistently adapted and refashioned its tactics to evade detection and stay ahead of its targets.

[Figure: Top hacks by Lazarus Group. Credit: Hacken]

The group’s attacks have become increasingly sophisticated, targeting high-profile victims with remarkable success. Recovery of stolen assets has proven nearly impossible.

The latest victim to fall prey to Lazarus Group’s tactics was India’s largest crypto exchange, WazirX.

In July, the hackers breached the exchange’s security and made off with a staggering $235 million.

According to the investigation, the group managed to circumvent WazirX’s know-your-customer (KYC) protocol by registering on the exchange just ten days before the heist. This allowed them to access and plunder millions in Ethereum and Ethereum-based tokens from multiple segregated cold wallets.
