Japan’s national police have arrested Lazarus, a North Korean hacking group that has been responsible for several years of cyber-related attacks.
The Oct. 14th public advisory sent by Japan’s National Police Agency and Financial Services Agency (FSA), warned crypto-asset companies of possible “phishing” attacks from hackers.
This advisory statement is also known as “public attribution” and according local reports is the fifth time that the government has issued such an alert in its history.
The statement warns of the hacking group’s use of social engineering to create phishing attacks. They pretend to be executives at a target company in order to lure employees into clicking on malicious attachments or links.
“This cyber-attack group sends phishing email to employees impersonating executives at the target company via social networking sites with fake accounts, pretending to be conducting business transactions […]. The cyber-attack group then uses the malware to gain access to victim’s network.”
According to the statement, hackers from North Korea have used phishing as a common attack method. The NPA and FSA advised the targeted companies to keep their private keys offline and not open attachments or hyperlinks to emails.
In the statement, it was stated that businesses and individuals should not download files from other sources than those whose authenticity can easily be verified, particularly for cryptographic assets applications.
NPA suggested that digital asset owners “install security software,” “implement multi-factor authentication” to strengthen identity authentication mechanisms, and that they not use the same password on multiple devices or services.
NPA confirmed that several attacks were carried out on Japanese-based digital asset companies, but did not disclose specific details.
Related: “Nobody is holding them back” — North Korean cyber-attack threat rises
Lazarus Group is believed to be affiliated with North Korea’s Reconnaissance General Bureau. This is a government-run foreign intelligence organization.
Katsuyuki OKamoto, a multinational IT company Trend Micro stated to The Yomiuri Shimbun: “Lazarus originally targeted banks in different countries, but it recently aimed at crypto assets that can be managed looser.”
They were accused of being hackers responsible for the $650 Million Ronin Bridge exploit in March, and they were also identified as suspects in an $100,000,000 attack from Layer-1 Blockchain Harmony.
Leave a Reply