On April 18, the Federal Bureau of Investigation (FBI), the U.S. Treasury Department, and the Cybersecurity and Infrastructure Security Agency (CISA) published a Cybersecurity Advisory (CSA) report concerning malicious North Korean state-sponsored cryptocurrency activity. According to the U.S. government, law enforcement officials have observed North Korean cyber actors targeting specific blockchain companies in the industry.
FBI Alleges North Korean Hacking Activity Is on the Rise, Report Highlights Lazarus Group’s Activities
The FBI, alongside a number of U.S. agencies, published a CSA report called “North Korean State-Sponsored APT Targets Blockchain Companies.” The report details that the APT (advanced persistent threat) has been state-sponsored and active since 2020. The FBI explains that the group is commonly known as Lazarus Group, and U.S. officials accuse the cyber actors of a number of malicious hack attempts.
North Korean cyber actors target a variety of organizations such as “organizations in the blockchain technology and cryptocurrency industry, including cryptocurrency exchanges, decentralized finance (defi) protocols, play-to-earn cryptocurrency video games, cryptocurrency trading companies, venture capital funds investing in cryptocurrency, and individual holders of large amounts of cryptocurrency or valuable non-fungible tokens (NFTs).”
The FBI’s CSA report follows the recent Office of Foreign Assets Control (OFAC) update which accuses Lazarus Group and North Korean cyber actors of being involved in the Ronin bridge attack. After the OFAC update was published, the ethereum mixing project Tornado Cash revealed it was leveraging Chainalysis tools, and blocking OFAC-sanctioned ethereum addresses from using the ether mixing protocol.
‘Apple Jesus’ Malware and the ‘TraderTraitor’ Technique
According to the FBI, Lazarus Group leveraged malicious malware called “Apple Jesus,” which trojanizes cryptocurrency companies.
“As of April 2022, North Korea’s Lazarus Group actors have targeted various firms, entities, and