Japan’s NPA claims North Korea’s Lazarus Group is targeting crypto firms

The Japanese National Police has identified Lazarus, a North Korean hacker group, as the group responsible for several years of cyber attacks including encryption.

Japan’s National Police Agency (NPA) and Financial Services Agency (FSA) have issued a public advisory statement To encourage crypto-asset companies in the country to beware of “phishing” attacks by a gang of hackers aiming to steal crypto assets. According to local accounts, this is the seventh time in history that the government has issued an advisory statement on “public attribution.”

How does phishing work?

According to the document, the North Korean hacking organization is communicating with employees of crypto-asset companies on social media and sending them emails while posing as the leader of the operation to access the company’s network and steal crypto assets.

This group of cyber attacks sends phishing emails to employees pretending to be managers of the target company […] Through social networking sites using fake accounts, pretending to conduct business transactions […] cyber attack group [then] It uses malware as a foothold to gain access to the victim’s network.”

The authorities recommended being careful when opening files attached to emails and keeping secret keys to confidential data offline to prevent becoming a victim of such an attack.

The 2017 WannaCry ransomware attack is also believed to have been carried out by the North Korean organization. The US Federal Bureau of Investigation identified the group’s involvement in a case of stolen crypto assets estimated at $78 billion in April of this year.

The Environmental Protection Agency (NPA) and the Financial Services Authority (FSA) have urged target organizations to keep their “private keys in an offline environment” and “not to carelessly open email attachments or hyperlinks.” This is because phishing has been a widespread attack method used by North Korean hackers.

Specifically for applications that use crypto assets, the statement continued, individuals and companies should “not obtain files from sources other than those that can be validated.”

The NPA acknowledged that many of these attacks against Japanese digital asset firms were effective. However, any other information has been withheld.

What is the Lazarus Collection?

The Foreign Intelligence Organization’s General Reconnaissance Office, run by the North Korean government, is said to have links to the Lazarus Group. Yomiuri Shimbun Katsuyuki Okamoto According to international IT firm Trend Micro, “Lazarus initially targeted banks in different countries, but recently targeted loosely managed crypto assets.”

They have been named as suspects in the $100 million Harmony blockchain attack. They are also suspected of being the hackers behind the $650 million Ronin Bridge hack in March.

Leave a Reply

Your email address will not be published. Required fields are marked *