North Korea is in the news again, and this time, it's not for anything good. The largely isolated country is usually not interested in many Western practices and technologies, but it seems that they are very much interested in one. One of the biggest global technologies, crypto, has captured the country’s attention, and they are going to extreme lengths to get their hands on it.
The FBI has issued many warnings about North Korean hackers stealing crypto over the past months, but these hackers have been unbothered. New information has revealed that in one of their most recent attacks, they exploited a previously unknown bug in Chrome-based browsers to target organizations and steal their crypto.
A report released by Microsoft revealed that the infamous North Korean crypto hacker group Citrine Sleet exploited a flaw in a core engine within Chromium, the foundation code of popular browsers, including Edge and Chrome.
The report showed that the hackers exploited the flaw as a zero-day: Google, the company behind Chromium, was unaware of the bug and had no time to issue a fix before it was exploited. It was not until two days after the exploitation that Google could fix the bug.
Google later commented that the bug had been patched but refused to comment on which, or how many, people and organizations were targeted by the hacking campaign.
Following this news, the FBI has intensified its warnings about the North Korean hackers. On September 3, the FBI issued a notice that the hackers are now targeting workers at DeFi and crypto companies to steal funds through “complex and elaborate” social engineering campaigns.
The FBI revealed that the hackers used schemes such as fake employment offers, investment opportunities, and impersonation of popular crypto figures to trick users. The hackers then gave their targets a link to a “pre-employment test” or another download that contained malware.
According to the notice, these hackers were patient and spent time building rapport with targets before deploying malware in the most natural way. They also communicated in fluent or near-fluent English and were well-versed in many technical aspects of the crypto space, which made them seem more legitimate.
But while their approach is subtle, their actions are drastic. Using such schemes, North Korean hackers have stolen roughly $3 billion in crypto. The Citrine Group is also not the only hacker group at work. Another group, the Lazarus Group, which is allegedly responsible for many high-profile attacks targeting crypto users, was also mentioned.
Crypto was supposed to be the new, discreet, and secure way to handle financial transactions. However, these attacks by North Korean groups have shown that there is still more work to be done to make crypto a secure and safe way to trade.