Security News > 2021 > February > US shares info on North Korean malware used to steal cryptocurrency
The FBI, CISA, and US Department of Treasury shared detailed info on malicious and fake crypto-trading applications used by North Korean-backed state hackers to steal cryptocurrency from individuals and companies worldwide in a joint advisory published on Wednesday.
"It is likely that these actors view modified cryptocurrency trading applications as a means to circumvent international sanctions on North Korea-the applications enable them to gain entry into companies that conduct cryptocurrency transactions and steal cryptocurrency from victim accounts."
Along with the joint advisory, the US agencies have also released seven malware analysis reports with indicators of compromise and information on each of the North Korean APT's malicious apps used in this far-reaching and wide-ranging cryptocurrency theft campaign.
The U.S. Justice Department charged three North Koreans yesterday for stealing $1.3 billion in money and cryptocurrency in attacks on banks, the entertainment industry, cryptocurrency companies, and other organizations.
A confidential United Nations report previously said in 2019 that North Korean operators stole an estimated $2 billion following at least 35 cyberattacks on banks and cryptocurrency exchanges across more than a dozen countries.
The same year, the U.S. Treasury sanctioned three North Korean hacking groups for funneling stolen financial assets to the North Korean government.
News URL
Related news
- New Perfctl Malware Targets Linux Servers for Cryptocurrency Mining and Proxyjacking (source)
- North Korean ScarCruft Exploits Windows Zero-Day to Spread RokRAT Malware (source)
- North Korean Hackers Target Crypto Firms with Hidden Risk Malware on macOS (source)
- North Korean hackers use new macOS malware against crypto firms (source)
- North Korean Hackers Target macOS Using Flutter-Embedded Malware (source)