Japan’s national police have identified the entity responsible for several years’ worth of cyberattacks, including cryptography, as Lazarus, a North Korean hacking ring.
Japan Issues Crypto Hack PSA
On October 14, the National Police Agency (NPA) and Financial Services Agency (FSA) of Japan released a public alert warning the country’s cryptocurrency-asset businesses to be wary of “phishing” attacks by the hacking group designed to steal cryptocurrency assets.
Local reports indicate that this is the government’s seventh “public attribution” advising statement in history.
The cyber group, according to the statement, uses social engineering to plan phishing attacks. They pose as top executives of a target company to try to get personnel to click on dangerous links or attachments. The statement revealed that this cyber assault gang uses phony identities on social networking sites to send phishing emails to employees purporting to be executives of the target company, pretending to transact business. The cyberattack gang then enters the victim’s network using the malware as a stepping stone.
Keep Keys Private
Since phishing has apparently been a common tactic used by North Korean hackers, the NPA and FSA advised targeted organizations to keep their “private keys in an offline environment” and to “not click email attachments or hyperlinks recklessly.”
Particularly for applications using cryptographic assets, the statement continued, people and companies should “not obtain files from sources other than those whose authenticity can be verified.”
From Banks to Crypto Assets
Katsuyuki Okamoto of the multinational IT firm Trend Micro notified the Yomiuri Shimbun that Lazarus initially targeted banks in various nations, but has recently been targeting crypto assets that are managed more loosely.
They have been implicated in the $100 million layer-1 blockchain Harmony attack and are thought to be the hackers responsible for the $650 million Ronin Bridge breach in March.
October has been a month of major crypto asset hacking reports after Binance and Mango markets were both hacked. The people responsible for the Mango markets exploit revealed themselves yesterday and it will be interesting to watch how that plays out.
Image Courtesy of Freepik.com