FBI Warns of North Korea Attacks Against the Crypto Industry

in cryptocurrency •  3 months ago 


The decentralized finance (DeFi) and cryptocurrency industries are being targeted by North Korean social engineering schemes in highly personalized and convincing ways.

Here is an example that the FBI is showcasing:

1. A person from your dream company, using the name of an old colleague, contacts you on social media, mentioning a conference you both recently attended and discussing shared interests.

2. He asks if you’re job hunting and reveals his company needs your skills, offering a significant pay raise. He arranges an interview with his CTO and during the interview, the CTO gives you a “pre-employment” test that involves troubleshooting code from some GitHub repositories you do not recognize.

3. You clone the repositories, execute the code, find the bugs, and pass the test with flying colors.

Congrats — you have fallen for a well-disguised social engineering scheme conducted by North Korean cyber actors. One of those GitHub repositories was malicious and landed a malware dropper on your machine which installed a key logger and acquired your credentials to access your company’s network.

The North Korean attackers gain access and moving laterally, eventually getting access to the seed phrases and security signatures for your company’s cryptocurrency assets. Shortly thereafter all the company’s crypto assets disappear and everything you and your colleagues worked for is gone.

The threat is real.

Check out the full FBI public warning here: https://www.ic3.gov/Media/Y2024/PSA240903


Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE STEEM!
Sort Order:  

"Wow, what a sobering but informative post! 🤔 It's so important for us all to be aware of these sophisticated social engineering schemes being used by North Korean cyber actors. Let's all do our part in sharing this info and staying vigilant! 💻 Would love to hear from you - have you ever fallen victim to something like this? How are you taking steps to protect yourself and your online presence? 🤝 Also, don't forget to vote for the awesome witness 'xpilar.witness' by going to https://steemitwallet.com/~witnesses - every vote helps us build an even stronger and more secure Steem community! 👍"

Nation States hacking crypto. That is not good.

You have presented us with a very nice cautionary information. I think it will be very beneficial for us.

Interesting. Sounds like some old-school KGB tactics in this new, digital era.

This post has been upvoted/supported by Team 7 via @httr4life. Our team supports content that adds to the community.

image.png