FBI Alert: Bitcoin and Ethereum ETFs Pose Significant Risks

The FBI has issued a warning to companies involved with Bitcoin and Ethereum ETFs regarding a potential threat from North Korean hackers. The notice, released recently, cautions that these hackers are employing sophisticated social engineering tactics to target crypto ETF companies. North Korea’s cyber actors have been conducting reconnaissance on these companies for some time, potentially with the intention of launching attacks.

The FBI emphasized that North Korea utilizes advanced and covert methods to pilfer digital assets from companies holding substantial funds. These cyber actors employ social engineering strategies, including thorough pre-operational research and impersonation, to trick employees into providing access to their networks. Moreover, the FBI stated that these malicious actors enhance their impersonation techniques by using realistic images of individuals familiar to the victims.

Distinctive signs of North Korea’s social engineering tactics encompass deceitful investment proposals from prominent crypto firms, requests to execute suspicious codes, and unsolicited job offers promising unrealistic remuneration. To safeguard against falling victim to scammers, the FBI recommended that crypto ETF-related companies establish unique verification procedures for contacts and refrain from storing crypto wallet details on internet-connected devices.

Furthermore, the FBI shared guidelines to assist companies already affected by these social engineering tactics, such as disconnecting impacted devices from the internet, reporting incidents to the FBI’s complaint center, and exchanging insights with employees. Earlier this year, the U.S. SEC sanctioned multiple Bitcoin and Ethereum spot-based ETFs. While Bitcoin spot ETFs have garnered substantial investments from conventional investors, Ethereum funds have not fared as well.

Data from Farside Investors indicates that Bitcoin ETFs have attracted $17.31 billion in inflows since their launch on January 10. Conversely, Ethereum ETFs have seen an outflow of $524.8 million since July 23. The outflow in the Ethereum spot ETF market is linked to Grayscale’s converted Ethereum Trust ETF. Nevertheless, other Ethereum ETF issuers have recorded significant inflows, capturing the interest of investors and scammers alike.

In recent years, North Korean cyber actors have targeted crypto exchanges. Instances include the theft of over $70 million worth of BTC, ETH, and XRP from CoinEx last year. Additionally, in 2022, North Korean hackers attempted unsuccessfully to pilfer funds from an undisclosed Israel-based exchange. Notably, most North Korea-related scams are attributed to the Lazarus Group, a well-known hacking organization.