North Korean hackers responsible for several years of cyberattacks relating to crypto frequently use phishing as a method of attack
Image: Shutterstock
Japanese crypto companies have been targeted by the state-sponsored cyber terrorist organisation Lazarus from North Korea, according to a joint statement from Japan's National Police and Financial Services Agencies.
Japan News reported that phishing and social engineering techniques were used in the attacks.
In emails and on social media, Lazarus hackers allegedly contacted their targets while pretending to be CEOs of bitcoin firms. Following the first contact, the attackers used malware to enter the target companies' internal systems before escaping with crypto assets.
Authorities utilised a procedure that has only been applied five times in Japan's history: they released an advisory statement naming the suspect group before making any arrests.
The joint statement also contained some basic security guidance, advising potential targets to keep their private keys offline and to exercise caution when clicking on links or emails. While admitting that some of the attacks were successful, the NPA concealed other details and the cost of the looted products.