Cybercriminal activity is on the rise, with North Korean and Russian cybercriminals targeting crypto-related firms and crypto holders to fund illegal activity.
The alarm bells are ringing following news of the Lazarus Group being behind this year’s Ronin attack. Linked to the state government, the Lazarus Group is a North Korean cybercriminal syndicate that was behind April’s Axie Infinity hack.
April’s hack, also known as the Ronin Hack, was the largest ever, with cybercriminals getting away with $625m, including 173.6k ETH and 25.5m USDC.
This week, U.S. government agencies issued warnings of the threat of more North Korean cyberattacks.
On Monday, the Cybersecurity & Infrastructure Security Agency (CISA) issued a joint alert with the FBI and the U.S. Treasury Department.
According to the Monday alert,
“The U.S. government has observed North Korean actors targeting a variety of organizations in the blockchain technology and cryptocurrency industry, including cryptocurrency exchanges, decentralized finance (DeFi) protocols, play-to-earn cryptocurrency video games, cryptocurrency trading companies, venture capital funds investing in cryptocurrency, and individual holders of large amounts of cryptocurrency or valuable non-fungible tokens (NFTs).”
The alert went on to say:
“The activity described in this advisory involves social engineering of victims using a variety of communication platforms to encourage individuals to download trojanized cryptocurrency applications on Windows or macOS operating systems.”
In March, the FBI created a new Virtual Assets Unit in response to a spike in cybercriminal activity.
Since then, the team has been active and was involved in linking North Korea’s Lazarus Group to the Ronin hack.
April’s Ronin hack was just one of the many carried out by North Korean cybercriminals.
In February, North Korea funded its missile program with stolen crypto.
Last year, North Korea amassed more than $400m worth of digital assets through cybercriminal activity, according to figures from Chainalysis. Cybercriminals primarily targeted investment firms and centralized exchanges.
April’s Ronin hack will give the Lazarus Group and other North Korean cybercriminals an incentive to ramp up attacks for more sizeable hauls before susceptible platforms introduce stricter security protocols.
Russian cybercriminals are also among the most active in the digital asset space. On Sunday, Currency.com reported a failed distributed denial of service (DDoS) attack by Russian cybercriminals.
With over 28 years of experience in the financial industry, Bob has worked with various global rating agencies and multinational banks. Currently he is covering currencies, commodities, alternative asset classes and global equities, focusing mostly on European and Asian markets.