The FBI recently told cryptocurrency companies about a new wave of attacks planned by North Korean hackers that use social engineering to get people to give them personal information. The goal of these sophisticated scams is to steal digital assets from workers at decentralized finance (DeFi) and cryptocurrency businesses.
In a warning released on September 3, the FBI said that North Koreans are breaking into crypto firms using sophisticated methods. Some of these tricks are fake job and business possibilities that are meant to get people to download malware. Scammers often pretend to be well-known people or make up convincing fake situations to get people to trust them.
The attacks are very complicated; the attackers do a lot of study on the victims and use personal information to make their fake identities look real. The crooks talk to each other in perfect English and know a lot about cryptocurrency, which makes their plans even more complicated.
Similar methods have been used by North Korean hackers to steal about $3 billion in cryptocurrency since 2017. Many well-known attacks on the crypto industry are thought to have been carried out by the Lazarus Group, an infamous hacking group with ties to North Korea.
The FBI’s warning is part of a larger attempt to make people more aware of these threats. The agency has warned in the past about scams involving fake repair services and people pretending to work for crypto exchanges.
The FBI suggests that bitcoin companies take a number of safety steps to protect themselves from these threats. Some of these are confirming contacts through multiple lines of communication, not storing private data on devices that are linked to the internet, and needing strong authentication methods. The agency also says that you shouldn’t run unknown code on work computers and that you should use secure platforms for business messaging.
Businesses should unplug the devices that were hacked from the internet right away and tell the FBI’s Internet Crime Complaint Center about it. Giving police a lot of information about the attack can help them do the right thing and stop more breaches.