Several U.S. government organizations jointly warned on Monday of the threat posed by cryptocurrency thefts and tactics used by the North Korean state-sponsored group known as Lazarus Group.
- The FBI, the Cybersecurity and Infrastructure Security Agency (CISA) and the U.S. Treasury Department said other names for the group include APT38, BlueNoroff and Stardust Chollima.
- The warning comes after the Treasury Department tied Lazarus to a $625 million theft of cryptocurrency from the Ronin bridge linked to popular play-to-earn game Axie Infinity.
- The U.S. government said it had observed North Korean cyber actors targeting a wide range of crypto and blockchain companies, including “cryptocurrency exchanges, decentralized finance (DeFi) protocols, play-to-earn cryptocurrency video games, cryptocurrency trading companies, venture capital funds investing in cryptocurrency, and individual holders of large amounts of cryptocurrency or valuable non-fungible tokens” (NFT).
- The organizations advised companies and individuals to guard against social engineering attempts by the group to gain access to crypto by patching all systems, prioritizing patching known exploited vulnerabilities, training users to recognize and report phishing attempts and using multifactor authentication.
The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups. As part of their compensation, certain CoinDesk employees, including editorial employees, may receive exposure to DCG equity in the form of stock appreciation rights, which vest over a multi-year period. CoinDesk journalists are not allowed to purchase stock outright in DCG.