The FBI has warned that North Korean hackers are targeting U.S. cryptocurrency ETFs using sophisticated social engineering techniques.
The FBI has issued a warning about North Korean hackers targeting U.S. cryptocurrency exchange-traded funds (ETFs) in a sophisticated attempt to steal digital assets. The agency revealed that North Korean cybercriminals are employing advanced social engineering techniques to breach the security of companies associated with cryptocurrency ETFs, posing a significant threat to the decentralized finance (DeFi) and cryptocurrency sectors.
The FBI warns that North Korean hackers are "aggressively targeting" employees in the "crypto industry."
— TFTC (@TFTC21) September 3, 2024
They recommend firms avoid storing wallet info on internet-connected devices and create secure verification systems. pic.twitter.com/iCpvDtG8ZJ
According to the FBI, these attacks involve thorough pre-operational research, with North Korean actors crafting highly customized scenarios designed to exploit the specific interests and connections of their targets. The FBI stated that over the past several months, hackers have been gathering information on U.S.-based companies involved with cryptocurrency ETFs. The agency highlighted that these actors are capable of conducting prolonged interactions, impersonating trusted contacts, and creating fake job offers or investment opportunities to trick victims into downloading malware or disclosing sensitive information.
"North Korean malicious cyber actors conducted research on a variety of targets connected to cryptocurrency exchange-traded funds (ETFs) over the last several months," the FBI said in its statement. "This research included pre-operational preparations suggesting North Korean actors may attempt malicious cyber activities against companies associated with cryptocurrency ETFs or other cryptocurrency-related financial products."
The FBI warned that these cybercriminals remain a persistent threat to organizations managing large volumes of cryptocurrency. The attacks are highly targeted and difficult to detect, even for individuals with technical expertise.
To mitigate these risks, the FBI has urged cryptocurrency companies to adopt stringent security protocols, such as multi-factor authentication, limiting access to critical information, and verifying the identities of contacts through multiple communication channels. Additionally, the FBI recommends that companies holding significant amounts of cryptocurrency implement additional safeguards to protect their assets from these advanced cyberattacks.
