Updates | Dec 28, 2022

Lazarus Group is impersonating cryptocurrency companies, warns Kaspersky

North Korea continues illegal activities in the area of cryptocurrencies

The North Korean government-backed cybercriminal organization Lazarus Group has not been idle this year. The group carried out several daring online attacks during this time, the most notorious of which was an exploit of the Ronin Network that resulted in the theft of assets worth $620 million. It looks like 2023 will also be a busy year for cybercriminals, as Kaspersky recently reported.

Beware of fake sites from BlueNoroff

BlueNoroff has created over 70 fake domains that pose as venture capital companies, young projects in the cryptocurrency sector, and banks. Most of them imitate Japanese companies, but as Kaspersky notes, some of the fake websites also impersonate American and Vietnamese companies.

According to a report published by Kaspersky, a company specializing in cybersecurity, the hackers are testing new types of malicious files and implementing new ways of delivering malware to end-user devices.

Once installed, the malware is said to be able to get past Windows security warnings that appear when content is downloaded, and then "intercepts significant digital currency transfers, modifies the recipient's address, and pushes the transfer amount up to the maximum available limit, essentially draining the account" in just one transaction, says Kaspersky.

The company warns that problems related to hackers are getting worse and this situation is unlikely to change. Cybersecurity researcher Seongsu Park said in a published statement:

The coming year will be marked by a cyber epidemic of enormous impact, the strength of which has never been seen before. […] On the verge of new illegal campaigns, cryptocurrency companies need to be more secure than ever before.

BlueNoroff, a sub-group of the larger criminal organization that is the Lazarus Group, was first identified after the 2016 attack on Bangladesh's central bank.