The United States Federal Bureau of Investigation (FBI) has issued a warning to employees at digital asset firms regarding the latest attempt by the Democratic People’s Republic of Korea to steal crypto.
In a Sept. 3 notice, the FBI said North Korean malicious cyber actors were targeting workers at decentralized finance and cryptocurrency companies to steal funds through “complex and elaborate” social engineering campaigns. Specifically, the federal agency warned that the scammers had researched firms associated with cryptocurrency-tied exchange-traded funds, or ETFs.
How the scam works
The actors employed schemes, including fake offers of employment or investment opportunities and impersonating well-known individuals associated “with certain technologies” to trick users. The scammers may then provide a link to a “pre-employment test” or another download to install malware.
“The actors usually attempt to initiate prolonged conversations with prospective victims to build rapport and deliver malware in situations that may appear natural and non-alerting,” said the FBI, adding:
“The actors usually communicate with victims in fluent or nearly fluent English and are well versed in the technical aspects of the cryptocurrency field.”
Source: FBI
Since 2017, North Korean hackers have stolen roughly $3 billion in crypto using such schemes. The Lazarus Group, a group of hackers tied to the reclusive nation, has allegedly been responsible for many high-profile attacks targeting crypto users.
The FBI has issued several warnings related to crypto scammers, including those impersonating employees of crypto exchanges and targeting users to compromise their accounts. In June, the federal agency said malicious actors had posed as employees of law firms offering fake crypto recovery services.