Several U.S. government organizations jointly warned on Monday of the threat posed by cryptocurrency thefts and tactics used by the North Korean state-sponsored group known as Lazarus Group.
- The FBI, the Cybersecurity and Infrastructure Security Agency (CISA) and the U.S. Treasury Department said other names for the group include APT38, BlueNoroff and Stardust Chollima.
- The warning comes after the Treasury Department tied Lazarus to a $625 million theft of cryptocurrency from the Ronin bridge linked to popular play-to-earn game Axie Infinity.
- The U.S. government said it had observed North Korean cyber actors targeting a wide range of crypto and blockchain companies, including “cryptocurrency exchanges, decentralized finance (DeFi) protocols, play-to-earn cryptocurrency video games, cryptocurrency trading companies, venture capital funds investing in cryptocurrency, and individual holders of large amounts of cryptocurrency or valuable non-fungible tokens” (NFT).
- The organizations advised companies and individuals to guard against social engineering attempts by the group to gain access to crypto by patching all systems, prioritizing patching known exploited vulnerabilities, training users to recognize and report phishing attempts and using multifactor authentication.
The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is an award-winning media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. In November 2023, CoinDesk was acquired by Bullish, a cryptocurrency exchange, which in turn is owned by Block.one, a firm with interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets including bitcoin and EOS. CoinDesk operates as an independent subsidiary, and an editorial committee, chaired by a former editor-in-chief of The Wall Street Journal, is being formed to support journalistic integrity.