North Korean Hackers Stole Millions from Cryptocurrency Startups Worldwide
Operators associated with the Lazarus sub-group BlueNoroff have been linked to a series of cyberattacks targeting small and medium-sized companies worldwide with an aim to drain their cryptocurrency funds, in what's yet another financially motivated operation mounted by the prolific North Korean state-sponsored actor.
Russian cybersecurity company Kaspersky, which is tracking the intrusions under the name "SnatchCrypto," noted that the campaign has been running since 2017, adding that the attacks are aimed at startups in the FinTech sector located in China, Hong Kong, India, Poland, Russia, Singapore, Slovenia, the Czech Republic, the U.A.E., the U.S., Ukraine, and Vietnam.
According to a new report published by blockchain analytics firm Chainalysis, the Lazarus Group has been linked to seven attacks on cryptocurrency platforms that extracted almost $400 million worth of digital assets in 2021 alone, up from $300 million in 2020.
Documented malicious activity involving the nation-state actor has taken the form of cyber-enabled heists against foreign financial institutions, notably the SWIFT banking network hacks in 2015-2016, with recent campaigns resulting in the deployment of a backdoor called AppleJeus that poses as a cryptocurrency trading platform to plunder and transfer money to their accounts.
The ultimate goal of the attacks is to monitor financial transactions of the compromised users and steal cryptocurrency.
"Nation-states, especially those under strict tariffs or other financial restrictions, can benefit greatly by stealing and manipulating cryptocurrency. Many times, a cryptocurrency wallet can contain multiple types of cryptocurrency, making them a very appealing target," Kron added.
News URL
https://thehackernews.com/2022/01/north-korean-hackers-stole-millions.html