Warning Issued by Japan, South Korea, and US on North Korean Cyber Threats in Crypto Industry
Japan, South Korea, and the US came together to issue a joint statement on Jan. 14, warning the global crypto industry about the threats posed by hacks attributed to North Korean actors.
Notorious Hackers Targeting Exchanges and Users
- Groups tied to the Democratic People’s Republic of Korea (DPRK) are targeting exchanges, crypto custodians, and individual users.
- The Lazarus Group, a notorious cybercrime group, continues to engage in highly strategic attacks.
- High-profile hacks in 2024, including DMM Bitcoin, Upbit, and Rain Management, resulted in over $370 million in losses.
Evolving Tactics in Cybercrime
The statement highlighted the use of social engineering and malware strategies by North Korean actors. Tools like TraderTraitor and AppleJeus are used in targeted attacks to infiltrate and compromise victims. Governments have observed DPRK IT workers embedded within global private sector organizations, posing insider threats.
Collaborative Efforts to Combat Cyber Threats
- US, South Korea, and Japan issued advisories urging businesses to vet their workforce and enhance cybersecurity measures.
- Initiatives like the Illicit Virtual Asset Notification (IVAN) program and Crypto-ISAC have been launched in the US to improve incident response.
- South Korea and Japan have intensified efforts to strengthen coordination within their regions.
Impact of North Korean Hackers on Crypto Industry
In 2024, victims lost $2.3 billion to crypto fraud, with North Korean actors responsible for stealing $1.3 billion worth of crypto. This marked a 103% increase from the previous year, highlighting the growing threat posed by these hackers to investors and businesses.