If you know what hacking groups are most active right now, what techniques they’re known to use, and what sort of businesses they’re targeting, you can better prepare and protect yourself.
We’ve noticed that in the crypto space, threat intel isn’t shared in up-to-the-minute feeds of what’s out there right now. Rather, FUD-fuelled headlines of what’s already gone wrong seem to dominate.
What good is that to you and your business?
So, here’s your dose of threat intel to help put you on the front foot – so you don’t turn into another crypto hack headline.
North Korean APT hacking group, Lazarus, is currently targeting employees of blockchain and crypto businesses with spear-phishing campaigns aimed at stealing cryptocurrency.
Put simply, your employees could be targeted by Lazarus’ latest spear-phishing campaign. This puts your business at risk of having its crypto or its clients’ crypto stolen via malware.
The campaign is targeting employees at cryptocurrency exchanges, DeFi, play-to-earn cryptocurrency games, and crypto-coin trading companies, as well as VCs that invest in cryptocurrencies and individuals with significant amounts of NFTs.
Spear-phishing is a more targeted version of a phishing attack and is Lazarus’ modus operandi.
In this campaign, the target – an employee at a crypto business – is sent an email professing to be a recruitment effort. Lured by the high-paying jobs that are seemingly on offer, the target is tricked into downloading bogus applications claiming to be price-prediction and trading tools.
These applications contain malware, specifically a remote access trojan known as TraderTraitor, which infects the target’s machine. In addition to stealing crypto, TraderTraitor can also steal data and system information.
Lazarus Group is a cybercrime organisation with links to North Korea. It’s an APT – an advanced persistent threat – and was recently revealed to be behind the Ronin exploit that led to the theft of $600m in ETH and USD Coin. So it’s not to be underestimated.
It goes without saying, but good security hygiene should always be practised, and your employees should be empowered to recognise, identify and flag suspicious emails.
But hackers are getting smarter; their whole raison d’être is to find ways to infiltrate networks and gain access to sensitive information or assets. Your people and their ability to recognise spear-phishing emails or malware-riddled apps should never be your only line of defence against them.
Luckily, there are more layers of protection you can put in place to offload your risk and reduce your exposure to the vast threat landscape.
Coincover’s Business Theft Protection technology prevents businesses from losing their crypto due to malicious activity. With a real-time in-flow response to transactions, you can determine whether they are safe and properly authorised before they’re added to the blockchain, giving you a vital defence against hacking and human error.
To find out more about how we can help you offload your risk, get in touch today.