The US Federal Bureau of Investigation (FBI) has issued a stern warning about North Korean cybercriminals who are reportedly “aggressively targeting” workers in the web3 and cryptocurrency sectors.
According to a recent statement from the FBI, these malicious actors use advanced social engineering techniques to infiltrate networks and steal cryptocurrency assets.
The FBI has detailed how North Korean hackers used sophisticated strategies to deceive people working at cryptocurrency and decentralized finance (DeFi) firms. By compromising networks tied to cryptocurrency assets, these cybercriminals pose a “persistent threat” to companies that hold large amounts of digital currency or are involved in related financial products.
“Over the past several months, North Korean cybercriminals have conducted extensive research on a variety of targets associated with cryptocurrency ETFs,” the FBI said. “This research suggests that North Korean perpetrators may be planning to conduct malicious cyber activities against companies associated with cryptocurrency ETFs or other crypto-related financial products.”
In their efforts to target these companies, North Korean hackers have been known to impersonate key figures in an employee’s organization or create elaborate fake scenarios tailored to the victim’s background and business interests.
Other methods include tricking victims into downloading apps onto devices connected to the company network or requiring the use of non-standard software for simple tasks like video conferencing. In some cases, hackers have even used debugging exercises involving malicious code packages.
To mitigate these risks, the FBI advises companies to avoid storing cryptocurrency wallet information on internet-connected devices, avoid debugging exercises on company computers, and implement systems that verify identities through separate communications platforms.
*This is not investment advice.