‘North Korean’ Hackers Target Crypto Exchanges, Spread Viruses in Word Doc

Exchange Hack North Korea South Korea
Last updated:
Author
Author
Tim Alper
About Author

Tim Alper is a British journalist and features writer who has worked at Cryptonews.com since 2018. He has written for media outlets such as the BBC, the Guardian, and Chosun Ilbo. He has also worked...

Last updated:
Why Trust Cryptonews
Cryptonews has covered the cryptocurrency industry topics since 2017, aiming to provide informative insights to our readers. Our journalists and analysts have extensive experience in market analysis and blockchain technologies. We strive to maintain high editorial standards, focusing on factual accuracy and balanced reporting across all areas - from cryptocurrencies and blockchain projects to industry events, products, and technological developments. Our ongoing presence in the industry reflects our commitment to delivering relevant information in the evolving world of digital assets. Read more about Cryptonews

North Korean hackers are “using fake job offer emails to dupe crypto exchange employees,” warned security experts – and Pyongyang-aligned cyber-terrorists are causing “damage” by circulating “malware-ridden MS Word documents” south of the 38th Parallel.

Pyongyang. Source: Adobe/Oleg Znamenskiy

Gina Kim, an IT security professional based in Seoul, South Korea, told Cryptonews.com,

“Although I can’t say for sure that they come from North Korea, malicious actors with impeccable Korean language skills are certainly now targeting employees at South Korean financial institutions including crypto exchanges with what look like bona fide job offers. The idea is to build up trust and eventually to get staff members to open malware-infested documents or apps on work computers. The days of the easy-to-spot spam email are dead.”

Per News1, security firms have unearthed evidence of Pyongyang-based campaigns that target government bodies, financial institutions, crypto exchanges and more.

The Security Response Center of South Korean security provider AhnLab said that a “suspected North Korean hacker group” named Kimsuki, has recently launched a cyberattack campaign on a number of South Korean targets using what appears to be a normal-looking Word document.

The innocuous-looking document email was circulated by email, reaching government offices that deal with North Korea-related affairs, universities and more, and ostensibly contained North Korea-related information.

However, the document was laced with malicious code that compromised devices and networks of the companies where it was opened.

The media outlet also stated that F-Secure, a firm that recently claimed bogus job offers have become a new way to compromise trading platform staff, said it has evidence that the notorious Lazarus group is behind the attacks.

Lazarus is the North Korean hacker group believed to be behind the WannaCry ransomware attacks of 2018.

The media outlet quoted Matt Lawrence, F-Secure’s Global Lead for Incident Response, as stating,

“We have found similarities between these [recent cyberattacks] and previous Lazarus attacks. We are convinced that Lazarus is behind the latest cyberattacks because of these similarities.”

F-Secure claimed last month that Lazarus has this year launched a spate of spear-phishing attacks using platforms like LinkedIn, with bogus job offers to crypto exchange employees in over a dozen nations.
__
Learn more:
UN: North Korea Turns Talented Children into Cryptocurrency Hackers
Small Crypto Exchanges ‘Low-hanging Fruit’ for North Korean Hackers

More Articles

Bitcoin News
Bitcoin Analyst PlanB Moves Entire BTC Holdings to Spot ETFs for “Peace of Mind”
Ruholamin Haqshanas
Ruholamin Haqshanas
2025-02-16 10:12:34
Altcoin News
Pantera Capital’s Dan Morehead Under Federal Tax Investigation After Move to Puerto Rico
Ruholamin Haqshanas
Ruholamin Haqshanas
2025-02-16 10:10:26
Crypto News in numbers
editors
Authors List + 66 More
2M+
Active Monthly Users Around the World
250+
Guides and Reviews Articles
8
Years on the Market
70
International Team Authors