BTC 0.42%
ETH -0.09%
SOL 3.45%
PEPE -1.51%
SHIB -1.48%
BNB 0.70%
DOGE -1.82%
XRP -0.64%
Pepe Unchained ($PEPU)
The Hottest Presale

North Korean Hackers Target Brazilian Crypto Firms: Report

Jimmy Aki
Last updated: | 1 min read
WazirX hacked

A June 13 threat intelligence report from Google Cloud exposed an alarming wave of cyberattacks by North Korean hackers targeting cryptocurrency exchanges, fintech companies, and individuals in Brazil.

The report identifies the notorious North Korean hacking group Pukchong (also known as UNC4899) as the culprit behind the recent attacks.

North Korea Hackers Running Coordinated Attacks?

Cybercriminals use a sinister tactic to lure unsuspecting victims into downloading malicious software disguised as a crypto price tracker. The malware gives the attackers control over the victim’s system and enables the retrieval of additional harmful payloads.

According to Google threat intelligence, North Korean groups have targeted Brazil’s cryptocurrency firms and aerospace, defense, and government entities. In contrast, Chinese government-backed cybercriminals focus on targeting government organizations and the energy sector in the South American nation.

North Korea Hackers
Source: Google Cloud Report

In addition to Pukchong, other North Korean hacking groups, such as GoPix and URSA, were also found to be actively targeting Brazilian cryptocurrency firms using similar malware attacks.

Brazil’s Digital Boom Under Cyber Attack

This discovery came amid critical concerns over the security of cryptocurrency wallets and exchanges, which are constantly being attacked by hackers.

On April 15, Trust Wallet warned about a zero-day exploit targeting iOS users. The crypto wallet provider disclosed that the flaw could allow hackers to gain unauthorized access to users’ data.

While no victim was reported then, Trust Wallet advised users to disable iPhone iMessage until Apple fixes the gap.

Also, in May 2024, cybersecurity firm Kaspersky uncovered that the North Korean hacking group Kimsuky deployed malware targeting South Korean crypto firms. The malware named “Durian” enables the execution of delivered commands, additional file downloads, and exfiltration of sensitive files.

Google’s threat analysis warned that Brazil is vulnerable to cyber threats from local and foreign threat actors. As the country’s digital payment market booms, its thriving economy makes it a rewarding target for the digital underworld.

Notably, ransomware groups that had previously focused on North America and Europe have now set their sights on the Latin American country.

RansomHub, a ransomware-as-a-service gang, has even identified Brazil as its second most-targeted country on its leak site, underscoring the growing threat to its digital landscape.