Lazarus, a North Korean-backed hacker group, has sent phishing messages to Japanese crypto exchange employees to infect their computers with malware, causing some companies to have their systems stolen and cryptocurrencies stolen, according to the National Police Agency last week. Lazarus also disclosed that social networking sites had threatened to persuade employees to download the malware.
The National Police Agency (NPA) and Financial Services Agency (FSA) issued a public advisory letter on October 14, sending a warning to the country''s crypto-asset businesses. They urged them to remain vigilant about the group''s phishing threats aimed at stealing crypto assets.
Using malware as a security foothold to access the victim''s network, the phishing emails that are attempting to conduct business transactions contain malware.
North Korean hackers have used phishing as a common form of attack. The National Security Agency (NPA) and the Financial Security Agency have since urged targeted businesses to keep their "private keys in an offline environment" and "not open email attachments or hyperlinks maliciously."
The National Protection Agency (NPA) argues that digital asset holders "install security software" and strengthen identity authentication mechanisms by "implementing multi-factor authentication." Moreover, account holders are unlikely to use the same password for many devices or services.
- India to Work on Global Crypto Rules During Upcoming G20 Presidency
The NPA has confirmed that several of these attacks have been successful against Japanese digital asset companies, but they haven''t disclosed any details yet.
The Lazarus group was accused of being the behind-the-scenes behind the $650 million (roughly Rs. 5,355 crore) Ronin Bridge attack in March, and was named suspects in the $100 million (roughly Rs. 824 crore) attack from layer-1 blockchain Harmony.