
North Korean hackers are targeting crypto startups

BlueNoroff, a North Korean hacking group, is now mainly targeting crypto startups, according to a report from cybersecurity firm Kaspersky.

BlueNoroff Targets Crypto Startups Only

According to a new report from Kaspersky, North Korean hacking group BlueNoroff has almost exclusively targeted crypto startups.

BlueNoroff is a hacking group with ties to the major crypto crime group Lazarus, which is known to have had close ties to North Korea in the past.

The group initially targeted banks and the SWIFT payment network, beginning with an attack on the Central Bank of Bangladesh in 2016.

But now, BlueNoroff is “shifting its focus… to crypto businesses” instead of traditional banks, Kaspersky said.

According to the report, the group has started each attack with an effort to “follow and research successful crypto startups” through lengthy phishing campaigns involving emails and internal chats.

BlueNoroff has impersonated a number of crypto businesses, including Cardano's merchant arm, Emurgo, and the New York-based VC firm Digital Currency Group.

The group has also impersonated Beenos, Coinsquad, Decrypt Capital, and Coinbig.

Kaspersky noted that those companies were not compromised in the attacks.

Hackers are getting more sophisticated

After gaining the trust of the target startup and its members, the hackers ask the company to install a modified software update that contains a backdoor, allowing for deeper penetration.

The group then uses the backdoor to collect the user's login information and monitor the user's keystrokes.

Kaspersky says that this monitoring of user activity is lengthy, lasting “a few weeks or months.”

BlueNoroff typically exploits CVE-2017-0199 in Microsoft Office, which allows Visual Basic scripts to be executed in Word documents.

The hacker group will also replace browser wallet add-ons, such as MetaMask, with compromised versions.

These strategies allow the hackers to steal company money as well as “establishing an extensive surveillance infrastructure” that notifies the hacker group of large transactions.
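A defender-side check for the add-on replacement described above, as an added example that is not from Kaspersky's report or this article: it reads a Chrome-style profile preferences JSON and flags a watched wallet extension that was not installed from the Web Store. The `extensions.settings` layout, the `location` and `from_webstore` fields, and the watched extension ID are assumptions about Chrome's profile format, and both sample profiles are constructed.

```python
import json

# Assumptions about Chrome's profile format: per-extension state lives under
# extensions.settings in "Secure Preferences"; location 1 means installed from
# the Web Store, 4 means unpacked (loaded from a local folder in Developer mode).
WEBSTORE_LOCATION = 1
WATCHED = {"nkbihfbeogaeaoehlefnkodbefgpgknn": "MetaMask"}  # assumed Web Store ID

def audit_wallet_extensions(prefs_text, watched=WATCHED):
    """Return findings for watched wallet extensions not sourced from the Web Store."""
    settings = json.loads(prefs_text).get("extensions", {}).get("settings", {})
    findings = []
    for ext_id, label in watched.items():
        entry = settings.get(ext_id)
        if not isinstance(entry, dict):
            continue  # wallet not installed in this profile
        reasons = []
        if entry.get("location") != WEBSTORE_LOCATION:
            reasons.append("location=%r" % entry.get("location"))
        if entry.get("from_webstore") is not True:
            reasons.append("from_webstore is not true")
        if reasons:
            findings.append({"id": ext_id, "wallet": label,
                             "path": entry.get("path", ""), "reasons": reasons})
    return findings

def _profile(location, from_webstore, path):
    # Constructed sample data, not taken from a real machine.
    return json.dumps({"extensions": {"settings": {
        "nkbihfbeogaeaoehlefnkodbefgpgknn": {
            "location": location, "from_webstore": from_webstore, "path": path,
            "manifest": {"version": "0.0.0"}},
        # Unrelated, unwatched extension: ignored by the audit.
        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa": {
            "location": 4, "from_webstore": False, "path": "/tmp/dev-ext"},
    }}})

SAMPLE_CLEAN = _profile(1, True, "nkbihfbeogaeaoehlefnkodbefgpgknn/0.0.0_0")
SAMPLE_TAMPERED = _profile(4, False, "/home/user/.cache/wallet-ext")

if __name__ == "__main__":
    for name, text in (("clean", SAMPLE_CLEAN), ("tampered", SAMPLE_TAMPERED)):
        print(name, audit_wallet_extensions(text))
```

A finding only shows that the install source changed; a developer who loads an unpacked build on purpose will trigger it too, so treat it as a prompt to inspect the reported path.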

How much was stolen?

Kaspersky did not say how much money was stolen through these attacks. However, Kaspersky's Costin Raiu previously identified bZx as a target in BlueNoroff's SnatchCrypto campaign.

That exchange saw $55 million stolen in November 11.

The U.S. Department of the Treasury has also stated that BlueNoroff, along with Lazarus and other subgroups, stole $571 million in cryptocurrency from the exchange between January 1 and September 2017.

North Korea stole $1.7 billion in crypto and considers it a 'long-term investment'

BlueNoroff stole more than $1.1 billion from financial institutions in 2018, the Treasury Department said in the same report.

