The FBI has warned that North Korean cybercriminals are becoming more sophisticated and tactical in their attempts to steal cryptocurrency, including investigating people connected to digital asset exchange-traded funds (ETFs).
In a statement Tuesday, the agency said criminals in closed countries are now conducting “difficult-to-detect social engineering campaigns” targeting people working in the cryptocurrency sector, including decentralized finance (DeFi) and exchange-traded funds (ETFs).
According to the FBI, these sophisticated scams target workers in the digital asset sector in an attempt to steal valuable personal information by impersonating others or making fake job offers. These attempts are commonly referred to as phishing scams.
“North Korean malicious cyber actors have been conducting investigations into a variety of targets related to cryptocurrency ETFs over the past several months,” the statement reads.
“This research included pre-operational preparations suggesting that North Korean actors may attempt to conduct malicious cyber activities against companies associated with cryptocurrency ETFs or other cryptocurrency-related financial products.”
The FBI added that “even people well-versed in cybersecurity practices” can fall victim to increasingly sophisticated scams.
The U.S. Securities and Exchange Commission (SEC) approved Bitcoin and Ethereum ETFs this year, allowing traditional investors to invest in the two largest cryptocurrencies through shares traded on exchanges.
Prior to that, crypto futures ETFs were being sold in the US market. The FBI warning did not specifically mention any cryptocurrencies, but the Bitcoin ETF is the most prominent one in the US, and has been trading since January. The only other spot cryptocurrency ETF being sold in the US is the Ethereum fund, which has been trading for just over a month as of this writing.
The FBI did not immediately respond. DecodeThe question is:
North Korean actors often target cryptocurrency companies and protocols. The Lazarus Group, a state-sponsored cyber hacking group, reportedly used hybrid tools like Tornado Cash and other apps to hide the dirty money trail. U.S. authorities say the funds were stolen.
According to blockchain data firm Chainalysis, the group steals hundreds of millions of dollars worth of cryptocurrency from cryptocurrency exchanges and other platforms every year, and in March 2022, it stole $622 million worth of cryptocurrency from Ronin, an Ethereum gaming network.
Edited by Andrew Hayward
Daily Debriefing newsletter
Start your day with the most popular news stories, plus original articles, podcasts, videos, and more.