FBI Alert: North Korean Hackers Targeting Bitcoin ETF Firms
North Korean cybercriminals have escalated their efforts and are enhancing their strategies to pilfer cryptocurrency, with a focus on individuals associated with digital asset exchange-traded funds (ETFs), as per a warning issued by the FBI. The agency disclosed that these criminal elements from the secluded nation are now engaging in intricate social engineering schemes that are challenging to detect, particularly targeting professionals in the cryptocurrency industry, including those involved in decentralized finance (DeFi) and ETFs.
The sophisticated scams involve impersonation tactics or fraudulent job offers to extract valuable personal information from individuals working in the digital asset sector, commonly known as phishing scams. The FBI highlighted that North Korean malicious cyber actors have been conducting research on various targets linked to cryptocurrency ETFs in recent months, hinting at potential malicious cyber activities against companies affiliated with cryptocurrency ETFs or other cryptocurrency-related financial products.
Even individuals well-versed in cybersecurity practices are susceptible to falling victim to these increasingly sophisticated scams, as emphasized by the FBI. The U.S. Securities and Exchange Commission (SEC) greenlit spot Bitcoin and Ethereum ETFs this year, enabling traditional investors to access the two leading cryptocurrencies through shares traded on stock exchanges. While the FBI alert did not specify any particular cryptocurrencies, Bitcoin ETFs hold prominence in the American market and have been in operation since January, alongside crypto futures ETFs. Ethereum funds, on the other hand, have only recently entered the U.S. market.
North Korean actors have a history of targeting crypto companies and protocols, with state-sponsored cyber hacking group Lazarus Group allegedly utilizing tools like Tornado Cash and other applications to obfuscate the trail of illicitly obtained funds, as reported by American authorities. Chainalysis, a blockchain data firm, has indicated that the group illicitly acquires hundreds of millions of dollars in crypto annually by targeting crypto exchanges and platforms, including the theft of approximately $622 million worth of crypto from the Ethereum gaming network Ronin in March 2022.
For further details or inquiries, the FBI has not yet responded to Decrypt’s queries. The article was edited by Andrew Hayward.
