What Is the Social Engineering Attack That North Korean Hackers Deploy

As a seasoned analyst with years of experience in the digital economy, I can’t help but feel a sense of unease when I see the increasing sophistication of social engineering attacks in the cryptocurrency and NFT industries, particularly those attributed to North Korea’s Lazarus Group. My personal journey in this field has taught me that while technology advances at an incredible pace, human nature remains our weakest link.


With the ongoing growth of the cryptocurrency, NFT, and Web3 sectors, these areas have unfortunately emerged as prime targets for cyberattacks, often orchestrated through social engineering, notably by entities originating from North Korea. Previously, The Crypto Times reported that a notorious North Korean hacking group known as “Lazarus Group” was suspected of being involved in the theft of approximately Rs 2000 crore from WazirX.

These sophisticated schemes for exploiting human psychology, known as social engineering attacks, are carefully orchestrated and challenging to identify. Their objective is to infiltrate businesses and make off with significant amounts of cryptocurrency. Unlike conventional hacking tactics, these strategies are remarkably complex, skillfully manipulating trust, emotions, and behavior patterns.

In this piece, we’ll delve into the different tactics employed by hackers when carrying out social engineering assaults.

Recent instances of Social Engineering Attacks

As cyberattacks become more common, centralized cryptocurrency exchanges are becoming popular targets due to their substantial holdings of digital assets. Despite enhanced security measures, these platforms remain attractive to hackers because of those reserves. For instance, in May 2024, the Japanese exchange DMM was breached and $305 million worth of Bitcoin was stolen. In July 2024, the Indian exchange WazirX suffered a similar fate, with $230 million in assets being taken. These incidents demonstrate that even robust security systems can be overcome by organized groups such as North Korea’s Lazarus.

2024 saw a significant surge in Cryptoware attacks. This year, the maximum ransom ever paid was a staggering $75 million, indicating that hackers are now primarily focusing on large corporations. The average demanded ransom has escalated from around $200,000 last year to over $1.5 million now.

What is a Social Engineering Attack?

In the world of cryptocurrency, social engineering refers to deceiving people into disclosing sensitive data or participating in potentially harmful actions that jeopardize their security.

Cybercriminals often exploit human emotions like urgency, fear, and curiosity to deceive their victims. For instance, a fraudster might send an email that seems genuine, pretending to be from a trusted source, asking the recipient to click a suspicious link. This action could potentially expose sensitive data such as passwords or private keys. If clicked, these links can give the attacker access to wallets, facilitate fund transfers, or even hand over control of accounts.

How Different are North Korean Social Engineering Attacks?

North Korean social engineering campaigns in the DeFi (Decentralized Finance) and cryptocurrency space are highly sophisticated. The operators meticulously research their targets before launching operations, mining data from social media platforms and official networks. Their tactics involve crafting convincing pretexts such as fake job offers or investment prospects. Users should remain vigilant when encountering pre-employment tests or debugging tasks involving uncommon Node.js libraries, PyPI packages, or scripts.
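One way to act on that last point before running `npm install` on a project sent as a "test" is to read its manifest first. The sketch below is an added example, not code from the FBI guidance or from this article; it covers only Node.js manifests, and the package names, URL and allowlist in it are constructed for illustration.

```python
import json
import re

# npm runs these scripts automatically during `npm install`.
LIFECYCLE_HOOKS = ("preinstall", "install", "postinstall", "prepare")
# Dependency specs that bypass the public registry (git, URL, local path, tarball).
NON_REGISTRY = re.compile(
    r"^(git\+|git:|https?:|file:|github:|[\w.-]+/[\w.-]+(#.*)?$)|\.tgz$", re.I
)


def audit_package_json(text, allowlist=frozenset()):
    """Return findings for a package.json received from an unverified contact."""
    manifest = json.loads(text)
    findings = []
    scripts = manifest.get("scripts") or {}
    for hook in LIFECYCLE_HOOKS:
        if scripts.get(hook):
            findings.append(f"lifecycle script '{hook}' runs on install: {scripts[hook]}")
    for section in ("dependencies", "devDependencies", "optionalDependencies"):
        for name, spec in (manifest.get(section) or {}).items():
            if NON_REGISTRY.search(spec):
                findings.append(f"{section}: '{name}' is fetched from outside the registry: {spec}")
            elif name not in allowlist:
                findings.append(f"{section}: '{name}' is not on the reviewed allowlist")
    return findings


# Constructed sample manifest for a hypothetical "debugging task".
SAMPLE = """{
  "name": "coding-test",
  "scripts": {"start": "node index.js", "postinstall": "node ./scripts/setup.js"},
  "dependencies": {
    "express": "^4.18.2",
    "chart-utils-helper": "1.0.3",
    "cfg-loader": "git+https://git.example.invalid/x/cfg-loader.git"
  }
}"""

if __name__ == "__main__":
    # The allowlist is an assumption: packages your team has already reviewed.
    for finding in audit_package_json(SAMPLE, allowlist={"express"}):
        print("REVIEW:", finding)
```

Any finding is a reason to read the referenced script or package source in an isolated environment before installing anything.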

A frequently employed tactic by North Korean cyber attackers involves posing as reliable individuals or entities, often adopting the guise of recruiters, IT professionals, or other trusted figures. They might use genuine photos of themselves and construct bogus websites to boost their own credibility. The goal is to make their communications appear authentic and trustworthy.

How to protect yourself from Social Engineering Attacks?

To safeguard against social engineering attacks, the FBI recommends adopting several crucial precautions. First, confirm a contact’s identity through separate communication channels that are not linked to the one they used to reach you. For instance, if initial contact occurs via a professional networking site, verify their request through a live video call on another platform. Additionally, refrain from keeping critical information such as cryptocurrency wallet details on devices connected to the internet, and use multi-factor authentication (MFA) and strong, unique passwords to secure your accounts. For substantial cryptocurrency holdings, prevent unauthorized file downloads and disable email attachments by default.

Keep software and network security current by regularly updating and checking them. Restrict access to confidential data, and make sure all business interactions occur via authorized communication channels. This approach reduces the need for special or custom software in everyday tasks, and it’s essential to be cautious of unsolicited messages containing links or attachments.

If there’s a possibility that the company could be under North Korean cyber-attack or other inappropriate activities, respond swiftly. Disconnect the devices involved from the internet while keeping them powered on to maintain possible evidence. Notify the Federal Bureau of Investigation’s Internet Crime Complaint Center (IC3) and offer comprehensive details about the situation to help prevent future attacks.

Conclusion

In summary, social engineering attacks, notably those originating from North Korea, pose a substantial risk to the cryptocurrency and DeFi industries. These attacks target human psychology instead of technical vulnerabilities, making them hard to identify and thwart. To safeguard against these persistent and evolving threats, it’s crucial for users to stay informed, reinforce security practices, and educate employees. By doing so, both individuals and businesses can enhance their defenses and ensure the safety of users while preserving trust in the growing crypto world.


2024-09-14 15:33