Security News > 2021 > February > US shares info on North Korean malware used to steal cryptocurrency
The FBI, CISA, and US Department of Treasury shared detailed info on malicious and fake crypto-trading applications used by North Korean-backed state hackers to steal cryptocurrency from individuals and companies worldwide in a joint advisory published on Wednesday.
"It is likely that these actors view modified cryptocurrency trading applications as a means to circumvent international sanctions on North Korea-the applications enable them to gain entry into companies that conduct cryptocurrency transactions and steal cryptocurrency from victim accounts."
Along with the joint advisory, the US agencies have also released seven malware analysis reports with indicators of compromise and information on each of the North Korean APT's malicious apps used in this far-reaching and wide-ranging cryptocurrency theft campaign.
The U.S. Justice Department charged three North Koreans yesterday for stealing $1.3 billion in money and cryptocurrency in attacks on banks, the entertainment industry, cryptocurrency companies, and other organizations.
A confidential United Nations report previously said in 2019 that North Korean operators stole an estimated $2 billion following at least 35 cyberattacks on banks and cryptocurrency exchanges across more than a dozen countries.
The same year, the U.S. Treasury sanctioned three North Korean hacking groups for funneling stolen financial assets to the North Korean government.
News URL
Related news
- North Korean Hackers Target Cryptocurrency Users on LinkedIn with RustDoor Malware (source)
- US dismantles laptop farm used by undercover North Korean IT workers (source)
- New macOS Malware TodoSwift Linked to North Korean Hacking Groups (source)
- New Tickler malware used to backdoor US govt, defense orgs (source)
- New Tickler malware used to backdoor US govt, defense orgs (source)
- North Korean Threat Actors Deploy COVERTCATCH Malware via LinkedIn Job Scams (source)
- New Linux Malware Campaign Exploits Oracle Weblogic to Mine Cryptocurrency (source)
- Binance Warns of Rising Clipper Malware Attacks Targeting Cryptocurrency Users (source)
- North Korean Hackers Target Energy and Aerospace Industries with New MISTPEN Malware (source)