Hackers linked to the Lazarus Group pose as venture capitalists in new scheme

  • North Korean hackers, including the Lazarus Group, have been breaking into crypto firms since 2017.
  • Lazarus has carried out several attacks, including the $600-million Ronin Bridge hack.
  • Security experts expect the hackers to continue their raids on crypto companies in 2023.

According to a recent report from the cybersecurity company Kaspersky, BlueNoroff, a cybercrime group connected to the North Korean government-sponsored Lazarus Group, has updated its fraudulent schemes to include posing as venture capitalists looking to invest in cryptocurrency startups. The group seems keen on attacking crypto firms and banks.

According to Kaspersky, the criminal organization is investigating new ways to spread its malware after experiencing a lull for the majority of the year. BlueNoroff reportedly set up more than 70 phony websites that imitate banks and venture capital businesses. The majority of the fraud sites pretended to be reputable Japanese firms, while some also claimed to be American and Vietnamese businesses.

Kaspersky claims that BlueNoroff is employing malware to attack businesses involved in blockchain, smart contracts, DeFi, and the FinTech sector. According to Kaspersky, BlueNoroff also uses malware to bypass Windows’ Mark-of-the-Web (MOTW) protection, which provides an alert when users attempt to view a file downloaded from the web.

Although the Bankman-Fried saga is in the spotlight, cyberattacks and cybercrime remain a major concern. Billions were lost to hackers in 2022 alone, and security experts expect hackers to continue their activities in the coming year. According to researcher Seongsu Park,

The coming year will be marked by the cyber epidemics with the biggest impact, the strength of which has never been seen before. […] On the threshold of new malicious campaigns, businesses must be more secure than ever.

BlueNoroff received widespread attention after raiding the Bangladeshi central bank in 2016. Several US security bodies have noted that the group alongside Lazarus poses a huge threat to businesses and organizations. Cyber attackers from North Korea linked to the Lazarus Group have launched several attacks on crypto firms, including the $600-million Ronin Bridge hack.

North Korean hackers have stolen cryptocurrency worth over $1.2 billion since 2017. The Lazarus Group conducted two distinct phishing scams in September that were directed at Coinbase and Crypto.com job seekers. One of the campaigns enticed job seekers to download a PDF listing Crypto.com’s open positions. However, the file simply installed a Trojan horse to steal sensitive data.

Lawrence Woriji

I have covered some exciting stories in my career as a journalist, and I find blockchain-related stories very intriguing. I believe Web3 will change the world, and I want everyone to be part of it.
