A UN report has claimed that North Korea is conducting spear phishing activities in the crypto industry and attempting to attack crypto users in a number of nations, including across the border in South Korea.
According to Newsis and SBS, the United Nations has found evidence that Pyongyang-linked hackers and state-sponsored crypto thieves “primarily use social media platforms to identify targets and attempt initial contact with crypto holders.”
Instead of spamming a wide range of targets with generic emails that invariably end up in junk folders, the United Nations states that the North is posing as trusted senders and pursuing well-researched targets with a clear interest in crypto.
The report also stated that the attackers used bona fide-looking links to seemingly breaking news about crypto to distract users on websites where they were trying to collect private and confidential data.
Gina Kim, a Seoul-based IT security expert, said that it is not always easy to trace attacks on Pyongyang, but noted that “spear and voice phishing attacks are undoubtedly on the rise” in South Korea, and probably in many cases originated abroad. She explained:
“The most common way to target crypto users now seems to be to call or email unsuspecting account holders and impersonate a bank or crypto exchange official.”
Since there are only three banks and four crypto exchanges in the crypto space, and many users have accounts on several exchanges, this approach is often successful in finding targets, Kim explained. She said:
“Attackers are trying to panic people by telling them that someone has accessed their account and is trying to rid it of funds. In this panic state, some [South Koreans] were made to hand over credentials and passwords.”
The United Nations also claimed that the North had targeted coronavirus vaccine manufacturers in a separate series of attacks.
It added that despite the pandemic, which many international observers claimed had taken a devastating toll on the country, Pyongyang was “maintaining its nuclear and missile development program.”