North Korea's Lazarus behind years of crypto hacking in Japan: Police
According to the Japanese government, a common mode of attack for the Lazarus Group was phishing, which reportedly focused more on crypto funds these lately because they are "more loosely managed".
New
The Japanese National Police has identified North Korean hacking group Lazarus as the organization behind several years of crypto-related cyberattacks.
In the public notice sent on October 14, Japan's National Police Agency (NPA) and Financial Services Agency (FSA) issued a warning to crypto-asset companies in the country, asking them to remain vigilant against "phishing" attacks. by the hacking group aiming to steal crypto assets.
The warning statement is known as the "public attribution" and, according to local reports, this is the fifth time in history that the government has issued such a warning.
The statement warns that the hacking group is using social engineering to orchestrate phishing attacks, impersonating executives of a target company in an attempt to trick employees into clicking on links or parts malicious attachments:
"This group of cyberattacks sends phishing emails to employees posing as executives of the target company [...] through social media sites with fake accounts, claiming to conduct business transactions [...] The cyberattack group [then] uses the malware as an anchor to gain access to the victim's network.”
According to the statement, phishing is a common mode of attack used by North Korean hackers, with the NPA and FSA urging targeted companies to keep their "private keys in an offline environment" and "not to open attachments or hyperlinks". carelessly."
The statement adds that individuals and businesses should “not download files from sources other than those whose authenticity can be verified, especially for applications related to crypto assets.”
The NPA also suggested that holders of digital assets "install security software", strengthen identity authentication mechanisms by "implementing multi-factor authentication", and not use the same password for multiple devices or services.
The NPA has confirmed that several...
According to the Japanese government, a common mode of attack for the Lazarus Group was phishing, which reportedly focused more on crypto funds these lately because they are "more loosely managed".
New
The Japanese National Police has identified North Korean hacking group Lazarus as the organization behind several years of crypto-related cyberattacks.
In the public notice sent on October 14, Japan's National Police Agency (NPA) and Financial Services Agency (FSA) issued a warning to crypto-asset companies in the country, asking them to remain vigilant against "phishing" attacks. by the hacking group aiming to steal crypto assets.
The warning statement is known as the "public attribution" and, according to local reports, this is the fifth time in history that the government has issued such a warning.
The statement warns that the hacking group is using social engineering to orchestrate phishing attacks, impersonating executives of a target company in an attempt to trick employees into clicking on links or parts malicious attachments:
"This group of cyberattacks sends phishing emails to employees posing as executives of the target company [...] through social media sites with fake accounts, claiming to conduct business transactions [...] The cyberattack group [then] uses the malware as an anchor to gain access to the victim's network.”
According to the statement, phishing is a common mode of attack used by North Korean hackers, with the NPA and FSA urging targeted companies to keep their "private keys in an offline environment" and "not to open attachments or hyperlinks". carelessly."
The statement adds that individuals and businesses should “not download files from sources other than those whose authenticity can be verified, especially for applications related to crypto assets.”
The NPA also suggested that holders of digital assets "install security software", strengthen identity authentication mechanisms by "implementing multi-factor authentication", and not use the same password for multiple devices or services.
The NPA has confirmed that several...
What's Your Reaction?
