FBI Warns of North Korean ‘Social Engineering’ Schemes to Steal Cryptocurrency
Date: 2024-09-04 Author: Gabriel Deangelo Categories: IN WORLD
The US Federal Bureau of Investigation (FBI) has issued a warning to employees of digital asset companies about a new attempt by North Korea to steal cryptocurrency.
In a notice issued on September 3, the FBI said that North Korean threat actors are targeting employees of decentralized finance and cryptocurrency companies to steal funds through “sophisticated and sophisticated” social engineering campaigns. Specifically, the federal agency warned that the scammers have targeted companies associated with cryptocurrency exchange-traded funds (ETFs).
How the Scheme Works
The attackers are using schemes involving fake job offers or investment opportunities, as well as impersonating well-known people “involved in certain technologies,” to trick users. Scammers may provide a link to a “pre-employment test” or other download to install malware.
“Actors typically attempt to engage in lengthy conversations with potential victims to build trust and plant malware in situations that may seem natural and non-suspicious,” the FBI said, adding:
Since 2017, North Korean hackers have stolen an estimated $3 billion in cryptocurrency using similar schemes. The Lazarus group, which is linked to the secretive state, is believed to be responsible for many high-profile attacks targeting cryptocurrency users.
The FBI has issued multiple warnings about cryptocurrency scams, including those posing as employees of cryptocurrency exchanges and targeting users to hack their accounts. In June, the federal agency reported that attackers were posing as employees of law firms offering fake cryptocurrency recovery services.
