North Korean Hackers Target Brazilian Crypto Firms: Report

Crypto hack North Korea
Last updated:
Author
Jimmy Aki
Author Categories
About Author

Jimmy has nearly 10 years of experience as a journalist and writer in the blockchain industry. He has worked with well-known publications such as Bitcoin Magazine, CCN, and Blockonomi, covering news...

Last updated:
Why Trust Cryptonews
Cryptonews has covered the cryptocurrency industry topics since 2017, aiming to provide informative insights to our readers. Our journalists and analysts have extensive experience in market analysis and blockchain technologies. We strive to maintain high editorial standards, focusing on factual accuracy and balanced reporting across all areas - from cryptocurrencies and blockchain projects to industry events, products, and technological developments. Our ongoing presence in the industry reflects our commitment to delivering relevant information in the evolving world of digital assets. Read more about Cryptonews

A June 13 threat intelligence report from Google Cloud exposed an alarming wave of cyberattacks by North Korean hackers targeting cryptocurrency exchanges, fintech companies, and individuals in Brazil.

The report identifies the notorious North Korean hacking group Pukchong (also known as UNC4899) as the culprit behind the recent attacks.

North Korea Hackers Running Coordinated Attacks?

Cybercriminals use a sinister tactic to lure unsuspecting victims into downloading malicious software disguised as a crypto price tracker. The malware gives the attackers control over the victim’s system and enables the retrieval of additional harmful payloads.

According to Google threat intelligence, North Korean groups have targeted Brazil’s cryptocurrency firms and aerospace, defense, and government entities. In contrast, Chinese government-backed cybercriminals focus on targeting government organizations and the energy sector in the South American nation.

North Korea Hackers
Source: Google Cloud Report

In addition to Pukchong, other North Korean hacking groups, such as GoPix and URSA, were also found to be actively targeting Brazilian cryptocurrency firms using similar malware attacks.

Brazil’s Digital Boom Under Cyber Attack

This discovery came amid critical concerns over the security of cryptocurrency wallets and exchanges, which are constantly being attacked by hackers.

On April 15, Trust Wallet warned about a zero-day exploit targeting iOS users. The crypto wallet provider disclosed that the flaw could allow hackers to gain unauthorized access to users’ data.

While no victim was reported then, Trust Wallet advised users to disable iPhone iMessage until Apple fixes the gap.

Also, in May 2024, cybersecurity firm Kaspersky uncovered that the North Korean hacking group Kimsuky deployed malware targeting South Korean crypto firms. The malware named “Durian” enables the execution of delivered commands, additional file downloads, and exfiltration of sensitive files.

Google’s threat analysis warned that Brazil is vulnerable to cyber threats from local and foreign threat actors. As the country’s digital payment market booms, its thriving economy makes it a rewarding target for the digital underworld.

Notably, ransomware groups that had previously focused on North America and Europe have now set their sights on the Latin American country.

RansomHub, a ransomware-as-a-service gang, has even identified Brazil as its second most-targeted country on its leak site, underscoring the growing threat to its digital landscape.

More Articles

Features
Linea Airdrop: Will the Token Fail or Breathe Life into L2s?
Olga Primakova
Olga Primakova
2025-02-10 16:32:37
Blockchain News
Crypto Mixers Used Less By Ransomware Criminals, AI Agents Pose New Threat
Rachel Wolfson
Rachel Wolfson
2025-02-10 16:25:01
Crypto News in numbers
editors
Authors List + 66 More
2M+
Active Monthly Users Around the World
250+
Guides and Reviews Articles
8
Years on the Market
70
International Team Authors