North Korean Hackers Intensify Schemes Targeting Cryptocurrency and IT Industries

North Korean hackers intensify cryptocurrency theft through deceptive job offers and AI-driven scams, targeting IT firms and defense contractors worldwide.

Recent reports suggest that North Korean hackers are ramping up their social engineering tactics to swipe cryptocurrencies.

These activities have led to the infiltration of several major global IT firms.

At the recent Cyberwarcon cybersecurity conference, research spotlighted two North Korean hacking groups, named “Sapphire Sleet” and “Ruby Sleet.”

Sapphire Sleet’s Tactics

The Sapphire Sleet group has gained notoriety for crafting fraudulent job offers aimed at exploiting potential candidates.

By pretending to be legitimate recruiters, these cybercriminals lure unsuspecting job seekers into interviews.

Unfortunately, during these seemingly innocent conversations, they sneak malware onto the victims’ devices, often disguising the malicious software as image files or PDFs, or embedding it in harmful links.

Ruby Sleet’s Operations

In contrast, the Ruby Sleet group has set its sights on aerospace and defense contractors based in the U.S., U.K., and South Korea, with the intent of stealing sensitive military data.

The report also highlights how tech workers from North Korea have employed cutting-edge tools such as artificial intelligence, social media, and advanced voice modulation to create false identities, which they use to infiltrate organizations and conduct recruitment scams.

Focus on Cryptocurrency

Interestingly, before Cyberwarcon researchers issued their warnings about North Korean threats to the tech industry, affiliated hackers had already been targeting cryptocurrency firms using similar methods.

Back in August, blockchain investigator ZachXBT uncovered a network of 21 developers linked to North Korea who were operating under false identities while working on various cryptocurrency projects.

Additionally, in September, the FBI released a warning about the escalating focus of North Korean hackers on cryptocurrency businesses and decentralized finance ventures, highlighting their use of malware camouflaged as job postings.

Just recently, in October, alarms were raised within the Cosmos ecosystem concerning its Liquid Staking Module.

Concerns grew when it was reported that North Korean programmers may have been behind its development.

This revelation led to a series of security audits, as suspicions of potential backdoors and other malicious elements intensified.

Source: Cointelegraph