- Japan’s National Police and Financial Services Agencies noted that the North Korean-sponsored criminal group Lazarus Group has been targeting crypto businesses in the country.
- The Lazarus Group is a North Korean-led cybercriminal group blamed for a variety of cyberattacks that took place between 2010 and 2021.
- The hackers sent phishing emails to employees while posing as executives of the target company, used malware to gain network access, and managed to steal cryptocurrencies.
The National Police and Financial Services Agencies of Japan have issued a joint statement revealing that the North Korean-sponsored criminal group, Lazarus Group, has been targeting crypto businesses in the country.
For those who don’t know, Lazarus Group, also known as Guardians of Peace, is a group of cybercriminals run by North Korea. This group is blamed for a variety of cyberattacks that took place between 2010 and 2021.
According to a report from RecordedFuture, Lazarus Group was linked to attacks on users of cryptocurrencies such as Bitcoin and Monero, mainly in South Korea. Now, according to the latest statement, it appears that Lazarus Group has targeted companies in the crypto ecosystem that are located in Japan.
Phishing always lurking
Apparently, Lazarus Group sent phishing emails to employees of these crypto companies and, as often happens, several employees fell into the trap and had their computers infected with malware.
Phishing is a technique frequently used by criminals that is based on social engineering. Through it, criminals seek to obtain personal information, using simple emails as bait. These usually include a link that, when the user clicks on it, infects the computer or leads the user into a trap where they give away their information.
According to the report, the hackers posed as executives of crypto companies through emails and social networks.
“This cyber attack group sends phishing emails to employees posing as executives of the target company […] through social networking sites with fake accounts, pretending to transact business […] cyber attack group [then] uses the malware as a foothold to gain access to the victim’s network”.
Using malware, the attackers gained access to the company’s security system and managed to steal cryptocurrencies.
Although the police confirmed that several of the attacks carried out this time by Lazarus Group were successful, they did not officially reveal the amount of cryptocurrency that was stolen.
Meanwhile, the statement gave some general safety tips to avoid falling into these types of traps:
- Private keys cannot be online! A person should never store the private keys of their crypto wallet on the Internet. It is always recommended to keep them physically and never write them down on any medium connected to the Internet.
- Be careful when opening emails or messages on social networks! Criminals often create usernames or email addresses that look very similar to a real one. People must verify the authenticity of any message they receive.
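
The second tip can be partly automated on the mail gateway. The following is an added example, not part of the agencies' statement: it flags a `From` header whose domain only looks like the company's, or whose display name is an executive's while the address is external. `COMPANY_DOMAIN`, `EXECUTIVES` and the function names are assumptions made for illustration.

```python
import unicodedata
from email.utils import parseaddr

# Assumed, constructed values: replace with your own domain and executive names.
COMPANY_DOMAIN = "example-exchange.jp"
EXECUTIVES = {"taro yamada", "hanako sato"}

# Digits and Cyrillic letters commonly swapped in for Latin look-alikes.
HOMOGLYPHS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s",
                            "\u0430": "a", "\u0435": "e", "\u043e": "o"})

def fold(text):
    """Reduce a string to a canonical 'what the eye sees' form."""
    text = unicodedata.normalize("NFKC", text).lower().translate(HOMOGLYPHS)
    return text.replace("rn", "m").replace("vv", "w")

def edit_distance(a, b):
    """Levenshtein distance, row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def check_sender(from_header):
    """Return a list of findings for one From header (empty list = nothing flagged)."""
    name, addr = parseaddr(from_header)
    domain = addr.rpartition("@")[2].lower()
    if domain == COMPANY_DOMAIN:
        return []  # exact match: genuine internal domain
    findings = []
    # Near-match after folding: homoglyphs, 'rn' for 'm', or a typo or two.
    if edit_distance(fold(domain), fold(COMPANY_DOMAIN)) <= 2:
        findings.append("lookalike-domain")
    # An executive's name on a message that did not come from the company domain.
    if " ".join(name.lower().split()) in EXECUTIVES:
        findings.append("executive-name-external-sender")
    return findings

if __name__ == "__main__":
    for header in ("Taro Yamada <taro@example-exchange.jp>",      # constructed samples
                   "Taro Yamada <taro@examp1e-exchange.jp>",
                   "Hanako Sato <h.sato@freemail.example>"):
        print(header, "->", check_sender(header))
```

A check like this complements, and does not replace, sender authentication such as SPF, DKIM and DMARC, which only prove that a message came from the domain it claims, not that the domain is the one the reader expects.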