Hackers from North Korea infiltrated South Korea, posing as government officials and journalists. The South Korean National Police Agency reveals their focus on stealing crypto, with approximately 1,500 victims affected. Learn how the DPRK hackers used phishing tactics and the latest on efforts to counter their cyber activities.
North Korean hackers, operating under the guise of South Korean government entities, orchestrated a crypto theft spree. The South Korean National Police Agency disclosed that these hackers, employing email phishing tactics, targeted nearly 1,500 victims between March and October 2023. The majority hailed from the private sector, with around 57 being current or former government officials.
The attackers, masquerading as entities like the National Health Insurance and the National Pension Service, utilized phishing emails with enticing content. Upon opening these deceptive emails or accessing attached files, victims unknowingly enabled malware, allowing hackers to pilfer personal data.
Notably, the hackers acquired user IDs and profiles of 19 individuals, exploiting this information to breach their cryptocurrency trading accounts. While specifics about the stolen assets remain undisclosed, South Korean law enforcement vows to intensify efforts against these cyber threats.
In a parallel development, the Lazarus Group, a North Korean hacking outfit, targeted blockchain engineers with a new macOS malware. This group, infamous for major crypto heists, currently holds nearly $60 million in cryptocurrencies, primarily in bitcoin ($56.15 million), along with holdings in ETH, BNB, BUSD, and AAVE.