The attackers sent phishing emails to employees to infect their computers with malware

North Korean hackers carry out a series of attacks on Japanese crypto companies

17.10.2022 - 09:45


2 min

What’s new? According to Japan’s National Police Agency (NPA), the North Korean hacker group Lazarus has carried out cyberattacks targeting local companies dealing with crypto assets. The attackers sent phishing emails to employees to infect their computers with malware. Some companies had their internal systems hacked and cryptocurrency stolen. The regional police, after receiving reports of the damage, launched a joint operation with the NPA’s special cybercrime investigation unit, created in April this year, JapanNews reports.

Material by JapanNews

What else does the publication report? The NPA does not disclose information about individual internal cases involving Lazarus. According to sources, the hacker group is believed to be involved in stealing about 6,7 billion yen ($45 million) in bitcoins and other cryptocurrencies from crypto exchange Zaif in 2018, and 3,5 billion ($23,6 million) from Bitpoint Japan in 2019.

On October 14, the NPA, along with the Financial Services Agency (FSA) and the National Center of Incident Readiness and Strategy for Cybersecurity (NISC), issued a warning urging people not to open suspicious links in emails.

Katsuyuki Okamoto of information security company Trend Micro Inc noted that Lazarus originally attacked banks in various countries, but more recently the hackers have been targeting crypto assets. He stressed that it is important to inform the public, as this will raise their awareness of the attackers’ tactics and encourage them to take protective measures.

In June, analysts at Elliptic suggested that hackers from Lazarus could be behind the Horizon Bridge hack on the Harmony network. The exploit and money laundering features are similar to other incidents Lazarus has been confirmed to be involved in. Experts have also suggested that the group focuses on targets in the APAC for linguistic reasons.

In August, Alex Smirnov, co-founder of deBridge, a cross-chain protocol, spoke about an attempted attack on the project by Lazarus. The attackers also sent out emails containing malware through the fake email of one of the company’s executives.

In September, US authorities seized $30 million in cryptocurrency that had been stolen from the Ronin Network sidechain by hackers from the DPRK in March 2022.

Subscribe to Getblock Magazine and stay up to date with the latest news from the world of cryptocurrencies and the digital economy