North Korean Hackers Target Crypto Businesses, Kaspersky Warns Startups

BlueNoroff is part of a larger hacking organization called Lazarus Group, which has ties to the North Korean government. Since its formation in 2009, the group has been involved in multiple cybercrimes by primarily targeting large companies in South Korea and the United States.

According to a report issued by Kaspersky's Securelist on January 13th, the antivirus software provider informed users of activities by the mysterious hacking group, which was classified as an advanced persistent threat, known as BlueNoroff.

Did you know?

Want to get smarter & wealthier with crypto?

Subscribe - We publish new crypto explainer videos every week!

What is an NFT? (Explained with Animations)

SUBSCRIBE

ON YOUTUBE

Even though the organization was flagged by Kaspersky, it has vast amounts of resources to stay anonymous. The cybercrime group has allegedly shifted into the crypto industry, indicating its current source of income. 

The deceptive nature of the organization is what made it notoriously dangerous. Based on the article, BlueNoroff creates planned out attacks by creating "fake cryptocurrency software development companies in order to trick their victims into installing legitimate-looking applications that eventually receive backdoored updates."

Currently, the group is running a SnatchCrypto campaign with its primary target being cryptocurrency startups with security loopholes. 

The organization usually masks "normal interactions" with means of creating a highly sophisticated plan by infiltrating crypto companies, building trust amongst their colleagues, and finding out about in-door operations. This lets the North Korean hacking group perform coordinated attacks.

The latest attack by BlueNoroff emerged in November 2021, during which the bZx crypto exchange was subject to a cyberattack, resulting in $55M worth of assets lost.