The decentralized finance (DeFi) and

cryptocurrency industries are being targeted by North Korean social engineering

schemes in highly personalized and convincing ways.

 

Here is an example that the FBI is showcasing:

1.      

A

person from your dream company, using the name of an old colleague, contacts

you on social media, mentioning a conference you both recently attended and

discussing shared interests.

2.      

He

asks if you're job hunting and reveals his company needs your skills, offering

a significant pay raise.  He arranges an

interview with his CTO and during the interview, the CTO gives you a

“pre-employment” test that involves troubleshooting code from some GitHub

repositories you do not recognize.

3.      

You

clone the repositories, execute the code, find the bugs, and pass the test with

flying colors.

 

Congrats - you have fallen for a well-disguised

social engineering scheme conducted by North Korean cyber actors. One of those

GitHub repositories was malicious and landed a malware dropper on your machine

which installed a key logger and acquired your credentials to access your

company’s network.

 

The North Korean attackers gain access and moving

laterally, eventually getting access to the seed phrases and security

signatures for your company’s cryptocurrency assets.  Shortly thereafter all the company’s crypto

assets disappear and everything you and your colleagues worked for is gone.

 

The threat is real.

 

Check out the full FBI public warning here: https://www.ic3.gov/Media/Y2024/PSA240903

The post FBI Warns of North Korea Attacks Against the Crypto Industry appeared first on Security Boulevard.

Matthew Rosenquist

Source: Security Boulevard
Source Link: https://securityboulevard.com/2024/09/fbi-warns-of-north-korea-attacks-against-the-crypto-industry/