{"id":101911,"date":"2024-11-28T19:26:23","date_gmt":"2024-11-28T23:26:23","guid":{"rendered":"https:\/\/coinscreed.com\/staging\/?p=101911"},"modified":"2024-11-28T19:27:12","modified_gmt":"2024-11-28T23:27:12","slug":"north-korean-hackers-target-it-firms","status":"publish","type":"post","link":"https:\/\/coinscreed.com\/staging\/north-korean-hackers-target-it-firms\/","title":{"rendered":"Report: North Korean Hackers Target IT Firms with Social Engineering Tactics"},"content":{"rendered":"\n

In recent years, the North Korean government (DPRK) has allegedly used numerous hacking groups, most notably the Lazarus Group<\/a>, to seal\u00a0crypto.<\/p>\n\n\n\n

\"North<\/figure>\n\n\n\n

Hackers linked to the North Korean government have reportedly broadened their social engineering schemes to steal cryptocurrencies by infiltrating “hundreds” of multinational IT companies.<\/p>\n\n\n\n

North Korean Hacking Groups Identified<\/h2>\n\n\n\n

At the Cyberwarcon cybersecurity conference, researchers highlighted two North Korean hacker groups, \u201cSapphire Sleet\u201d and \u201cRuby Sleet,\u201d according to a report by TechCrunch\r\n \r\n \r\n \r\n <\/g>\r\n \r\n \r\n \r\n <\/clipPath>\r\n <\/defs><\/svg><\/span><\/a>.<\/p>\n\n\n\n

Sapphire Sleet targeted individuals through fraudulent job schemes, pretending to be legitimate recruiters. <\/p>\n\n\n\n

They lured victims into interviews and then infected their computers with malware disguised as PDF files or malicious links during the recruitment process.<\/p>\n\n\n\n

Ruby Sleet focused on infiltrating aerospace and defense contractors in the United States, the United Kingdom, and South Korea to steal military secrets.<\/p>\n\n\n\n

The report also revealed that North Korean IT workers used AI-generated fake identities, social media profiles, and voice-altering technologies to infiltrate companies and execute recruitment scams.<\/p>\n\n\n\n

\"North
Crypto theft for November 2024. Source: Immunefi,\u00a0<\/em>Because Bitcoin<\/em><\/use><\/svg><\/span><\/a><\/figcaption><\/figure>\n\n\n\n

Cryptocurrency Industry in the Crosshairs<\/h2>\n\n\n\n

Long before the Cyberwarcon findings, North Korean hackers had been targeting cryptocurrency firms with similar tactics.<\/p>\n\n\n\n

In August, blockchain investigator ZachXBT identified 21 developers<\/a>, allegedly North Korean, working on various crypto projects using fabricated identities.<\/p>\n\n\n\n

In September, the FBI warned that North Korean hackers were targeting crypto companies and decentralized finance (DeFi) projects. <\/p>\n\n\n\n

These attacks involved malware disguised as job offers, which stole users\u2019 private keys when downloaded or accessed through malicious links.<\/p>\n\n\n\n

In October, concerns arose within the Cosmos ecosystem over its Liquid Staking Module, reportedly developed by North Korean hackers. <\/p>\n\n\n\n

Jacob Gadikian, a Cosmos ecosystem developer, remarked, \u201cThe people who built the LSM are the world\u2019s most skilled and prolific crypto thieves.\u201d These fears prompted multiple security audits of the Liquid Staking Module to detect potential backdoors or harmful code.<\/p>\n","protected":false},"excerpt":{"rendered":"

In recent years, the North Korean government (DPRK) has allegedly used numerous hacking groups, most notably the Lazarus Group, to seal\u00a0crypto. Hackers linked to the North Korean government have reportedly broadened their social engineering schemes to steal cryptocurrencies by infiltrating “hundreds” of multinational IT companies. North Korean Hacking Groups Identified At the Cyberwarcon cybersecurity conference, […]<\/p>\n","protected":false},"author":56,"featured_media":101939,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[21],"tags":[202,15458,3964,12002,4337],"class_list":["post-101911","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news","tag-blockchain","tag-cybercrime-2","tag-cybersecurity","tag-hacks","tag-north-korea"],"jetpack_featured_media_url":"https:\/\/coinscreed.com\/staging\/wp-content\/uploads\/2024\/11\/North-Korean-Hackers-Target-IT-Firms-with-Social-Engineering-Tactics.webp","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/posts\/101911","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/users\/56"}],"replies":[{"embeddable":true,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/comments?post=101911"}],"version-history":[{"count":0,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/posts\/101911\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/media\/101939"}],"wp:attachment":[{"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/media?parent=101911"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/categories?post=101911"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/tags?post=101911"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}