Cryptonews Bitcoin News

North Korea Is Targeting Crypto Users with Spear-Phishing Attacks, Says UN

Crime

Cryptocurrency Hack North Korea Security

Last updated: June 26, 2023 06:54 EDT

Author

Tim Alper

Author

Tim Alper

About Author

Tim Alper is a British journalist and features writer who has worked at Cryptonews.com since 2018. He has written for media outlets such as the BBC, the Guardian, and Chosun Ilbo. He has also worked...

Author Profile

Last updated:

June 26, 2023 06:54 EDT

Why Trust Cryptonews

Cryptonews has covered the cryptocurrency industry topics since 2017, aiming to provide informative insights to our readers. Our journalists and analysts have extensive experience in market analysis and blockchain technologies. We strive to maintain high editorial standards, focusing on factual accuracy and balanced reporting across all areas - from cryptocurrencies and blockchain projects to industry events, products, and technological developments. Our ongoing presence in the industry reflects our commitment to delivering relevant information in the evolving world of digital assets. Read more about Cryptonews

A UN report has alleged North Korea is conducting spear-phishing activities on the crypto industry, and is looking to attack crypto users in a range of nations, including across the border in South Korea.

Per Newsis and SBS, the UN says that it has seen evidence that Pyongyang-linked hackers and state-sponsored crypto thieves are “primarily using social media platforms to identify targets and attempt initial contact” with crypto holders.

Rather than spamming a broad range of targets with generic emails that invariably end up in junk folders, the UN says the North is posing as trusted senders and going after well-researched targets with a clear interest in crypto.

The report also specified that the attackers were using bona fide-looking links to what appeared to be breaking news stories about crypto to divert users onto sites where they attempted to harvest private and sensitive data.

Gina Kim, a Seoul-based IT security expert, told Cryptonews.com that tracing attacks back to Pyongyang was not always easy, but noted that “spear- and voice-phishing attacks are undoubtedly on the rise” in South Korea, and likely originated abroad in many instances. She explained:

“The most common way to target crypto users now appears to be to call or email unsuspecting account holders and claim to be an official from a bank or a crypto exchange.”

As there are only three banks and four crypto exchanges in the crypto space, and many users have accounts at multiple exchanges, this approach is quite often successful in finding targets, Kim stated. She said:

“Attackers look to panic people by telling them someone has accessed their account and is trying to drain it of funds. In that panicked state, some [South Koreans] have been duped into handing over login details and passwords.”

The UN also claimed that the North has been targeting the makers of coronavirus vaccines in a separate spate of attacks.

It added that Pyongyang has “maintained its nuclear and missile development program” in spite of the pandemic, which many international observers have claimed likely took a devastating toll on the country.
___
Learn more:
– UN: North Korea Turns Talented Children into Cryptocurrency Hackers
– South Korean Politician: North Has Stolen USD 310M in Crypto Since 2019

– North Korean Crypto Hackers Now Target Russian Defense Firms
– ‘North Korean’ Hackers Target Crypto Exchanges, Spread Viruses in Word Doc