After being linked to a $625 million hack, the US government has issued a warning against North Korean crypto attacks.

North Korean cyber actors have been detected targeting a wide range of crypto and blockchain enterprises, including exchanges, DeFi protocols, and play-to-earn games, according to the authorities.

On Monday, many US federal agencies issued a joint statement warning of the threat presented by bitcoin thefts and tactics utilised by the North Korean state-sponsored Lazarus Group.

  • APT38, BlueNoroff, and Stardust Chollima are among the names given to the organisation by the FBI, the Cybersecurity and Infrastructure Security Agency (CISA), and the US Treasury Department.
  • The Treasury Department has linked Lazarus to a $625 million cryptocurrency theft from the Ronin bridge, which is connected to the popular play-to-earn game Axie Infinity.
  • North Korean cyber actors have been targeting a wide range of crypto and blockchain businesses, including "cryptocurrency exchanges, decentralised finance (DeFi) protocols, play-to-earn cryptocurrency video games, cryptocurrency trading companies, venture capital funds investing in cryptocurrency, and individual holders of large amounts of cryptocurrency or valuable non-fungible tokens (NFTs)," according to the US government.
  • Patching all systems, prioritising patching known exploited vulnerabilities, training users to recognise and report phishing attempts, and using multifactor authentication are all recommendations made by the organisations to protect against social engineering attempts by the group to gain access to crypto.