A recent joint statement issued by the US and South Korea has shed light on the “significant threat” posed by North Korean state-backed hackers to global blockchain companies. The statement highlighted the alarming trend of these hackers stealing over $659 million in cryptocurrency through various heists, as part of a larger effort to fund the North Korean regime’s malign activities.
The US government, in collaboration with South Korea and Japan, identified aggressive targeting of the cryptocurrency industry by North Korean hackers using sophisticated social engineering attacks and malware such as TraderTraitor and AppleJeus. These attacks not only undermine the security of blockchain companies but also pose a broader threat to the international financial system.
One of the notable cyberattacks mentioned in the joint statement was the July 2024 breach of India’s largest Bitcoin exchange, WazirX, which resulted in losses of $235 million. Additionally, DPRK-linked hackers were also responsible for attacks on DMM Bitcoin, Upbit, Rain Management, and Radiant Capital in recent years, further emphasizing the extent of the threat posed by North Korea’s cyber program.
Beyond cryptocurrency heists, North Korea’s tactics include infiltrating private companies by posing as remote IT workers. Individuals trained as ‘IT warriors’ by North Korean operatives have successfully secured employment in companies worldwide by concealing their true identities. These operatives have been known to exploit insider access to extort former employers and carry out malicious activities within corporate networks.
In response to these threats, the US State Department has offered a reward of up to $5 million for information that could disrupt the activities of North Korean front companies involved in fraudulent remote IT work schemes. The joint statement issued by the US, Japan, and South Korea advised private sector entities, especially those in the blockchain and freelance work industries, to stay vigilant and implement robust cybersecurity measures to mitigate the risk of inadvertently hiring DPRK IT workers.
The ongoing collaboration between the US, South Korea, and Japan underscores the seriousness of the cybersecurity threats posed by North Korean hackers to global blockchain companies and emphasizes the need for proactive measures to safeguard against future attacks. With cyber warfare evolving rapidly, it is imperative for companies to stay informed and take necessary precautions to protect their assets and data from malicious actors in the digital realm.