
Latest news with #NorthKorean-backed

North Korean Hackers Targeting Crypto Developers With U.S. Shell Firms

Yahoo

25-04-2025


North Korean hackers posing as American tech entrepreneurs quietly registered companies in New York and New Mexico as part of a campaign to compromise developers in the crypto industry, security firm Silent Push said Thursday. Two businesses, Blocknovas and Softglide, were created using fictitious identities and addresses.

The operation is tied to a subgroup within the Lazarus Group. The North Korean-backed hacking unit has stolen billions worth of crypto in the past years using sophisticated techniques and strategies that target unsuspecting individuals or companies.

'This is a rare example of North Korean hackers actually managing to set up legal corporate entities in the US in order to create corporate fronts used to attack unsuspecting job applicants,' said Kasey Best, director of threat intelligence at Silent Push.

The hackers' playbook is as manipulative as it is effective: use fake LinkedIn-style profiles and job postings to lure crypto developers into interviews. Then, during the recruitment process, the developers are tricked into downloading malware disguised as job application tools.

Silent Push identified multiple victims of the operation, especially those contacted through Blocknovas, which researchers say was the most active of the three front companies. The firm's listed address in South Carolina appears to be an empty lot, while Softglide was registered through a tax office in Buffalo, New York.

The firm added that the malware used in the campaign includes at least three virus strains previously tied to North Korean cyber units. These programs can steal data, provide remote access to infected systems, and serve as entry points for additional spyware or ransomware.

The FBI has seized the Blocknovas domain, per Reuters. A notice posted to the site states it was taken down 'as part of a law enforcement action against North Korean cyber actors who utilised this domain to deceive individuals with fake job postings and distribute malware.'

The Bybit Hack: A Harsh Reminder of the Dangers in Crypto

Associated Press

17-03-2025


The Bybit Hack: A Breakdown and Lessons to Take from These Attacks

DETROIT, MI, UNITED STATES, March 17, 2025 -- In February 2025, the cryptocurrency world was rocked by yet another major hack—this time targeting Bybit, one of the largest crypto exchanges. The attackers, later identified as North Korea's infamous Lazarus Group, siphoned off approximately $1.5 billion in digital assets using a sophisticated phishing scheme.

For Brian Oakes, author of UNDERMINED, the news stirred a familiar pit in his stomach. This wasn't just another headline—it was a painful echo of his own nightmare. In his book, Oakes details his experience of losing a fortune in crypto to cybercriminals. Reading about the Bybit attack brought back haunting memories, as the eerie similarities to his own story replayed the day he watched his life savings vanish.

On February 21, 2025, Bybit's CEO, Ben Zhou, initiated what should have been a routine transfer of 40,000 Ethereum (ETH). But something was off. Unbeknownst to Zhou, hackers had already infiltrated the system, deploying an advanced phishing scheme that perfectly mimicked the exchange's interface. In mere moments, 401,000 ETH—worth roughly $1.5 billion—was gone. As an early crypto investor and miner, Oakes understands firsthand how devastating a loss like this can be.

The FBI later confirmed that the Lazarus Group was behind the attack—the same North Korean-backed hackers responsible for numerous cyber heists. Their operation, dubbed 'TraderTraitor,' once again proved just how vulnerable the crypto industry remains, despite years of hard lessons.

How This Mirrors Oakes' Own Experience

The Bybit breach was strikingly similar to the attack chronicled in UNDERMINED, where Oakes fell victim to a sophisticated assault that drained over 500 Bitcoin and other assets, resulting in a staggering $31.5 million loss. Although the methods differed, the end result was the same: financial devastation and an uphill battle to seek justice.

Just as Bybit's security measures were outmatched, Oakes had been caught off guard by the complexity and precision of the attack. In his case, the hacker exploited vulnerabilities in his mobile carrier's security, intercepting SMS verification codes to gain access to his exchange accounts and email. Within minutes, everything he had built was gone.

Lessons Learned from These Attacks

Both the Bybit hack and Oakes' personal ordeal highlight a painful truth: cryptocurrency remains a prime target for cybercriminals, and neither exchanges nor investors are ever completely safe. Key takeaways from both experiences include:

  • Hackers Are Always Evolving: Whether through phishing, SIM-swapping, or social engineering, cybercriminals continually develop new methods to bypass security measures.
  • Exchanges Are Not Impenetrable: No matter how large or reputable an exchange is, it remains vulnerable. While decentralization and self-custody may offer greater security, they also come with their own risks.
  • Security Must Be Personal: Whether an individual investor or the operator of a billion-dollar exchange, robust personal security is the last line of defense. Multi-factor authentication, hardware wallets, and avoiding SMS-based verification are crucial steps to mitigating risk.

A Call for Change

If there's one thing Oakes has learned from his own loss—and from major hacks like Bybit's—it's that the crypto industry must do better. Exchanges need to implement stronger security protocols, and users must take additional precautions to protect their assets.

For those who have experienced this kind of loss, it's never just about money—it's about their future, their security, and in many cases, their life's work. The Bybit hack serves as yet another grim reminder of the lessons explored in UNDERMINED: in the world of cryptocurrency, trust is fragile, and without proactive security measures, everything can be lost in an instant.

Cryptocurrency miners sue Arkansas officials, cite ‘unconstitutional regulations'

Yahoo

14-03-2025


LITTLE ROCK, Ark. – A federal lawsuit filed Thursday seeks to overturn an Arkansas law and a regulation for being unconstitutional.

The Arkansas Cryptomining Association filed the suit naming Attorney General Tim Griffin and Oil and Gas Commission director Lawrence Bengal as defendants. It asserts that a cryptocurrency law and regulation in the state violates the 14th Amendment's equal protection clause.

Act 174 of 2024 amends the law to mandate that any cryptocurrency mine in the state must not be foreign-owned. The lawsuit continues to point out that Rule K was passed shortly after the court placed an injunction on Act 174 in an attempted end-run, the lawsuit states. Rule K gave the Oil and Gas Commission authority over cryptocurrency mining operations, including issuing required operating permits.

The lawsuit cited language when Act 174 was debated in the Senate that specifically mentioned preventing China as a mine owner, followed by a statement from the governor's office to, in part, 'kick a Chinese communist-owned company out of her state.'

The lawsuit continues that when Rule K was submitted for approval to the governor's office, it included a statement that the commission needed it to execute Act 174. The lawsuit returns to statements made surrounding Act 174's passage that 'From the beginning, the primary purpose of Rule K was to target persons believed to be Chinese nationals or with Chinese ancestry.'

The combined action of the act and the rule violates equal protection, the right to due process, the commerce clause, the supremacy clause and is taking without just compensation, according to the lawsuit, which asks the court to find them unconstitutional and unenforceable.

Copyright 2025 Nexstar Media, Inc. All rights reserved.
This material may not be published, broadcast, rewritten, or redistributed.

FBI accuses North Korean-backed hackers of stealing $1.5b in crypto from Dubai-based firm

Korea Herald

27-02-2025


The FBI has accused North Korean-linked hackers of conducting one of the largest thefts of cryptocurrency publicly known, seizing some $1.5 billion worth of ethereum from a Dubai-based firm.

The theft earlier this month targeting Bybit, one of the world's largest crypto exchanges, represents yet another involving a team of hackers identified by the US government by the names TraderTraitor and the Lazarus Group. The hackers steal cryptocurrency 'through the dissemination of cryptocurrency trading applications that were modified to include malware that facilitates theft of cryptocurrency,' the FBI has said.

In an online public service announcement late Wednesday, the FBI said it believed the North Korean-backed hackers were 'responsible for the theft.'

'TraderTraitor actors are proceeding rapidly and have converted some of the stolen assets to Bitcoin and other virtual assets dispersed across thousands of addresses on multiple blockchains,' the FBI said in its announcement. 'It is expected these assets will be further laundered and eventually converted to fiat currency.'

North Korean state media has not acknowledged either the theft or the FBI accusation. Pyongyang's mission to the United Nations in Geneva did not immediately respond to a request for comment from The Associated Press.

However, North Korea has stolen an estimated $1.2 billion in cryptocurrency and other virtual assets in the past five years, according to South Korea's spy agency. It represents a rare source of badly needed foreign currency to support its fragile economy and fund its nuclear program in the face of intense U.N. sanctions and North Korea's strict border closures during the coronavirus pandemic.

A U.N. experts panel separately said it was investigating 58 suspected cyberattacks by North Korea between 2017 and 2023 that saw some $3 billion stolen to 'reportedly help to fund the country's development of weapons of mass destruction.'

Bybit co-founder and CEO, Ben Zhou, acknowledged the FBI's announcement in a post on the social platform X by linking to a website offering $140 million in bounties for tracking the stolen crypto and getting it frozen by other exchanges.

Bybit has said a routine transfer of ethereum, one of the most popular cryptocurrencies, from a so-called 'cold' or offline wallet was 'manipulated' by an attacker who transferred the crypto to an unidentified address.

'It was a highly sophisticated hack that targeted cold wallets via a blind signing type of exploit, whereby the attackers create a fake interface that deceives users, since it is a near identical copy of the trusted platform,' wrote Manuel Villegas, an analyst at Julius Baer.

The blockchain analytics firm Certik has described the theft as 'the largest breach' in the history of blockchain transactions.

The theft has seen overall crypto prices drop in recent days as investors in part have been spooked by the hack despite the industry getting a boost from the election of US President Donald Trump. Industry leader Bitcoin traded over $82,000 a coin on Thursday, down from a high of over $100,000 a month ago.

'The situation ... is certainly painful for ByBit's customers and will likely raise additional regulatory scrutiny,' Villegas added. (AP)

FBI accuses North Korean-backed hackers of stealing $1.5 billion in crypto from Dubai-based firm

Boston Globe

27-02-2025


FBI issues warning linking Pyongyang to theft

In an online public service announcement late Wednesday, the FBI said it believed the North Korean-backed hackers were 'responsible for the theft.'

'TraderTraitor actors are proceeding rapidly and have converted some of the stolen assets to Bitcoin and other virtual assets dispersed across thousands of addresses on multiple blockchains,' the FBI said in its announcement. 'It is expected these assets will be further laundered and eventually converted to fiat currency.'

North Korean state media has not acknowledged either the theft or the FBI accusation. Pyongyang's mission to the United Nations in Geneva did not immediately respond to a request for comment from The Associated Press.

North Korean thefts reportedly fund nuclear weapons program

However, North Korea has stolen an estimated $1.2 billion in cryptocurrency and other virtual assets in the past five years, according to South Korea's spy agency. It represents a rare source of badly needed foreign currency to support its fragile economy and fund its nuclear program in the face of intense U.N. sanctions and North Korea's strict border closures during the coronavirus pandemic.

A U.N. experts panel separately said it was investigating 58 suspected cyberattacks by North Korea between 2017 and 2023 that saw some $3 billion stolen to 'reportedly help to fund the country's development of weapons of mass destruction.'

Bybit co-founder and CEO, Ben Zhou, acknowledged the FBI's announcement in a post on the social platform X by linking to a website offering $140 million in bounties for tracking the stolen crypto and getting it frozen by other exchanges.

Bybit has said a routine transfer of ethereum, one of the most popular cryptocurrencies, from a so-called 'cold' or offline wallet was 'manipulated' by an attacker who transferred the crypto to an unidentified address.

'It was a highly sophisticated hack that targeted cold wallets via a blind signing type of exploit, whereby the attackers create a fake interface that deceives users, since it is a near identical copy of the trusted platform,' wrote Manuel Villegas, an analyst at Julius Baer.

The blockchain analytics firm Certik has described the theft as 'the largest breach' in the history of blockchain transactions.

The theft has seen overall crypto prices drop in recent days as investors in part have been spooked by the hack despite the industry getting a boost from the election of U.S. President Donald Trump. Industry leader Bitcoin traded over $82,000 a coin on Thursday, down from a high of over $100,000 a month ago.

'The situation ... is certainly painful for ByBit's customers and will likely raise additional regulatory scrutiny,' Villegas added.
