The Federal Bureau of Investigation (FBI) has issued a strongly worded Public Service Announcement (PSA) regarding the Democratic People’s Republic of Korea’s (DPRK’s) aggressive targeting of cryptocurrency resources. The PSA comes as state-backed hackers have been observed increasing the persistence, scale, and sophistication of their efforts targeting sectors like cryptocurrency exchange-traded funds (ETFs) over recent months. Thankfully, the FBI also uses its PSA to reveal some of the social engineering tactics and mitigations to be aware of. It explains what to do if you think you’ve fallen victim to the DPRK’s malicious cyber actors.
According to the FBI’s statement, the DPRK’s latest digital onslaught is “complex and elaborate, often compromising victims with sophisticated technical acumen.” Individuals and firms in the decentralized finance (DeFi) industry are now favored targets. However, malicious cyber actors have been observed researching and preparing to focus on targets connected to cryptocurrency exchange-traded funds (ETFs) – so if you work with ETFs, you should be more careful than ever. The DPRK is happy to steal cryptocurrency funds from anywhere, though.
One of the characteristics of this new wave of malicious cyber activity from the DPRK is the extensive research being completed before an attempted heist. For social engineering purposes, the malicious actors will “scout prospective victims by reviewing social media activity, particularly on professional networking or employment-related platforms.” So, watch what platforms you are LinkedOn (ahem), and be sensitive to the depth of details you are communicating and sharing.
In addition to taking their time to cultivate topics and conversations with intended victims, DPRK agents sometimes impersonate people that a victim knows about (e.g., a prominent professional) or knows directly. It seems that those looking for a career move or change may be particularly vulnerable, as the FBI says DPRK agents also commonly impersonate recruitment firms.
This news is republished from another source. You can check the original article here
