The United States, Japan, and South Korea have issued a warning against North Korean threat actors that are actively and aggressively targeting the cryptocurrency industry. In their joint statement, the countries said that groups of attackers affiliated with the Democratic People’s Republic of Korea (DPRK) continue to conduct numerous cybercrime campaigns to steal cryptocurrencies. These attackers – including the Lazarus hacker group, which the U.S. believes has been conducting cyberattacks around the world since 2009 – are targeting “exchanges, custodians of digital assets, and individual users.” And apparently, in 2024 alone, they stole $659 million worth of crypto assets.
The North Korean hackers used “well-disguised social engineering attacks” to infiltrate their targets’ systems, the countries said. They also warned that attackers could gain access to systems belonging to the private sector by posing as freelance IT workers. Back in 2022, the United States issued guidance on how to identify potential North Korean workers, including how they typically log in from multiple IP addresses, transfer money to accounts in the People’s Republic of China, request crypto payments, have inconsistencies in their personal information, and are sometimes unavailable during business hours.
Once the attackers get into the system, they usually deploy malware such as keyloggers and remote access tools to be able to steal login credentials and ultimately virtual currency that they can control and sell. As for where the stolen funds go: In 2022, the UN published a report describing the discovery by its investigators that North Korea was using money stolen by associated threat actors for its missile programs. “Our three governments are making joint efforts to prevent theft, including from the private sector, by the DPRK and to recover stolen funds, with the ultimate goal of depriving the DPRK of illicit revenues for its illicit weapons of mass destruction and ballistic missile programs,” the United States, Japan, and South Korea said.
