North Korean hackers are targeting crypto ETF issuers, according to the FBI. The FBI has “identified a long list of potential targets,” a security researcher told News.
North Korean hackers have long targeted crypto companies due to the irreversibility of blockchain-based transactions. Because once the crypto is in the hacker's wallet, no bank or government can reverse the illegal transaction on behalf of the victim.
Now, there are signs that those hackers are looking at bigger fish.
The FBI warned that North Korean hackers had “conducted investigations over the past several months on various targets connected to cryptocurrency exchange-traded funds (ETFs). Latest Public Service AnnouncementPosted on Tuesday.
“The investigation includes pre-operational preparations that suggest North Korean actors may attempt malicious cyber activities against companies associated with cryptocurrency ETFs or other cryptocurrency-related financial products.”
ETF issuers should heed the FBI's warning, according to Taylor Monahan, principal security researcher at crypto wallet provider Metamask.
“If I were an ETF issuer (or even working for an adjacent company or brand associated with ETFs), I would definitely review my internal controls right now,” she says. News.
“Identify single points of failure, ensure logging is on, retire and rotate old or unused keys, and share this PSA with employees. “There is no confusion around Lazarus and they are very good at getting into organizations,” she added, adding that researchers believe the Lazarus Group, the hacker, is affiliated with North Korea.
Because the FBI's PSAs are a high-effort, low-reward endeavor.
Join the community to get our latest articles and updates
“Getting the PSA out to the public is a lot of work and requires a lot of people to coordinate and verify the intel,” Monahan said.
PSAs are also a less effective method of warning at-risk businesses than direct contact, she added.
“This usually means that the FBI has identified a long list of potential targets, possibly unknown targets, and is willing to release a PSA in hopes of doing so. [would] Front run a hack.”
Bitcoin ETFs debuted in the US in January. Ethereum ETFs followed suit in July.
Bitcoin ETFs have been a resounding success so far, attracting around $50 billion in the first half of the year. This flow pushed Bitcoin to an all-time high in March.
Meanwhile, Ethereum ETFs have seen a relatively muted launch, with demand quickly drying up after a torrid start.
ETFs appeal to risk-averse investors because they provide hassle-free and risk-free exposure to the underlying asset.
The investment banks are Goldman Sachs and Morgan Stanley Revealed In regulatory filings last month they held $600 million in bitcoin in US spot bitcoin ETFs.
BlackRock, the world's largest asset manager, is the issuer, along with other titans of finance such as Fidelity and Franklin Templeton.
In 58 suspected cyber heists, North Korean hackers stole $3 billion worth of crypto assets over the past seven years, according to a 615-page report published by the United Nations Security Council earlier this year.
Much of that money was used to finance the country's nuclear weapons program.
Hackers have proven adept at infiltrating crypto companies, using sophisticated social engineering schemes and fake job applications.
But Monahan notes that they have plenty of experience targeting traditional firms.
“Going after ETF issuers is certainly different than their recent DeFi/CeFi/CEX targets, but I'm not sure it's necessarily an increase,” she says, using terms for centralized finance and centralized crypto exchanges.
“Before crypto, these same hackers spent years successfully breaking into banks around the world and directly targeting the SWIFT system. They follow the money, and today, ETF issuers have money.
Alex Gilbert News'Diffie correspondent from New York. You can reach him at [email protected].
Related topics
