Security News > 2021 > February > US shares info on North Korean malware used to steal cryptocurrency

The FBI, CISA, and US Department of Treasury shared detailed info on malicious and fake crypto-trading applications used by North Korean-backed state hackers to steal cryptocurrency from individuals and companies worldwide in a joint advisory published on Wednesday.
"It is likely that these actors view modified cryptocurrency trading applications as a means to circumvent international sanctions on North Korea-the applications enable them to gain entry into companies that conduct cryptocurrency transactions and steal cryptocurrency from victim accounts."
Along with the joint advisory, the US agencies have also released seven malware analysis reports with indicators of compromise and information on each of the North Korean APT's malicious apps used in this far-reaching and wide-ranging cryptocurrency theft campaign.
The U.S. Justice Department charged three North Koreans yesterday for stealing $1.3 billion in money and cryptocurrency in attacks on banks, the entertainment industry, cryptocurrency companies, and other organizations.
A confidential United Nations report previously said in 2019 that North Korean operators stole an estimated $2 billion following at least 35 cyberattacks on banks and cryptocurrency exchanges across more than a dozen countries.
The same year, the U.S. Treasury sanctioned three North Korean hacking groups for funneling stolen financial assets to the North Korean government.
News URL
Related news
- North Korean hackers spotted using ClickFix tactic to deliver malware (source)
- North Korean Hackers Target Freelance Developers in Job Scam to Deploy Malware (source)
- Chinese hackers use custom malware to spy on US telecom networks (source)
- North Korean Hackers Steal $1.5B in Cryptocurrency (source)
- MassJacker malware uses 778,000 wallets to steal cryptocurrency (source)
- New MassJacker Malware Targets Piracy Users, Hijacking Cryptocurrency Transactions (source)