Lazarus, a hacker group backed by North Korea, has been mailing spam messages to employees of Japanese cryptocurrency exchanges in an effort to afflict their computer systems with malware.
As a result, some companies have had their systems compromised and cryptocurrency was stolen, according to the Japan News.
Japan’s National Police Agency (NPA) and Financial Services Agency (FSA) warned the nation’s crypto-asset firms to be on the lookout for “phishing” attempts by the hacking gang intended to steal crypto assets in the public advisory statement quoted by the local news source.
Lazarus Hacker Group Impersonates Top Company Employees
Lazarus allegedly impersonated executives of cryptocurrency firms in phishing emails intended to target company employees, as well as connected with them on social media to infect their systems with malware, according to a senior NPA officer.
While it is uncommon to identify a suspected attacker before making such decisions as an arrest, officials have employed a strategy termed “public attribution,” adopting it in Japan for the fifth time, according to The Japan News.
Speaking on the report, Katsuyuki Okamoto, 56, of the information security firm Trend Micro Inc. told the media outlet that;
“Lazarus initially targeted banks in various countries, but recently it has been aiming at crypto assets that are managed more loosely. It’s important to engage in public attribution, as it will raise public awareness of the perpetrator’s tactics and prompt people to take measures.”
The police advise being cautious when opening files that are attached to emails and maintaining secret keys to private information away from the internet in order to prevent falling victim to such an exploit.
However, the authorities did not disclose which companies these phishing assaults had targeted or compromised.
There are several crypto exploits that have been linked to the Lazarus Hacker group, including the loss of billions of dollars worth of Bitcoin and other cryptocurrencies from the Zaif cryptocurrency exchange in 2018 and a case in which Ripple and other cryptocurrencies vanished from Bitpoint Japan in 2019.
As previously reported, the US Treasury believed the Lazarus hacking group was behind one of the highest cryptocurrency thefts in history, which resulted in the loss of nearly $625 million from the Ronin Bridge. The attackers stole 25.50 million USDC coins and 173,600 ETH.