US government warns of North Korean crypto hackers

Sanne Moonemans
Sanne Moonemans April 21, 2022
Updated 2022/04/21 at 6:14 PM
3 Min Read

The US Cybersecurity and Infrastructure Security Agency (CISA) released a statement yesterday with a striking warning. It states that hacking groups from North Korea use different techniques to steal crypto.

This warning is apparently very important, as it came from three major US government entities. The Federal Bureau of Investigation, the Cybersecurity and Infrastructure Security Agency (CISA), and the US Treasury Department issued this warning jointly. It was referred to as a cybersecurity advisory.

The targets

It says the US government found hacker groups sponsored by North Korea. Users can be indirectly victimized as the hackers target crypto companies.

The announcement says that major investors should pay attention, but the main focus is on crypto exchanges, decentralized financing protocols, play-to-earn games, venture capital firms and trading firms.

The reason the hackers are targeting crypto, according to the warning, is to steal and launder money to support the North Korean regime. This isn’t the first time this has happened.

North Korea started hacking crypto exchanges years ago. In 2018, the country already stole half a billion dollars, and in 2019 another 2 billion. These are considerable sums that do not necessarily end up in the right place. Not long ago, stolen crypto was used by North Korea to fund missile programs.

TraderTraitor campaigns

Hacking groups have been actively trying to steal crypto from various crypto companies using various techniques, according to the warning. Two of these techniques were phishing campaigns and social engineering. So how did these hackers work?

It starts with sending messages. “The messages often mimic a recruiting effort and offer high-paying jobs to trick recipients into downloading malware-laden cryptocurrency applications, which the U.S. government refers to as ‘TraderTraitor,’” the announcement said.

“The term TraderTraitor describes a range of malicious applications […] The malicious applications are derived from a variety of open-source projects and purport to be cryptocurrency trading or price prediction tools. TraderTraitor campaigns feature websites with a modern design that promote the purported features of the applications.”

The post US government warns of North Korean crypto hackers appeared first on Coin Journal.

Share this Article