Japan has identified Lazarus, the North Korean hacking group, to be behind crypto-related cyber attacks in the country for years.
The National Police Agency (NPA) and Financial Services Agency (FSA) of Japan issued a public advisory statement on October 14 warning the country's crypto-asset firms to be cautious of "phishing" attacks by the hacking gang intended to steal crypto assets, Cointelegraph reported. According to local reports, this is the fifth time in history that the government has issued such an advisory statement, which is known as “public attribution.”
According to the statement, the hacker gang used social engineering to plan phishing attacks, posing as executives of a target business to try to trick staff members into clicking on harmful links or attachments.
“This cyber attack group sends phishing emails to employees impersonating executives of the target company [...] through social networking sites with false accounts, pretending to conduct business transactions...” the statement reads. “The cyber-attack group [then] uses the malware as a foothold to gain access to the victim's network.”
The NPA and FSA urged targeted organizations to retain their “private keys in an offline environment” and to “not open email attachments or hyperlinks carelessly.” The statement noted that phishing had been a common method of attack employed by North Korean hackers.
The agencies specifically warned businesses and individual net users to “not download files from sources other than those whose authenticity can be verified, especially for applications related to cryptographic assets.”
The NPA also recommended a number of ways crypto owners can further protect themselves from potential phishing attacks. These include installing security software, using multi-factor authentication, and not using the same password across several devices or services.
The NPA acknowledged that Lazarus had successfully carried out several of these attacks targeting Japan-based digital asset companies. However, the agency did not disclose the identities of these crypto firms.
The Lazarus Group is reportedly affiliated with North Korea’s Reconnaissance General Bureau. “Lazarus initially targeted banks in various countries, but recently it has been aiming at crypto assets that are managed more loosely,” Trend Micro’s Katsuyuki Okamoto said.
It is believed that Lazarus was behind last March’s $650 million Ronin Bridge exploit. The group is also suspected of being involved in the $100 million attack from layer-1 blockchain Harmony.
Comment 0