North Korean leader, Kim Jong-un, is reportedly backing a group of hackers in stealing cryptocurrencies using phishing scams. Reports indicate that the country has ramped up these efforts in an attempt to prevent a financial meltdown amid the COVID-19 crisis.
Kim Jong-un 'unleashes global wave of cybercrime' in bid to stop coronavirus meltdownhttps://t.co/zmC8FpeJ0T pic.twitter.com/PK3ZBzjMpy — Daily Mirror (@DailyMirror) May 13, 2020
Experts from ESTsecurity, states that Lazarus is “increasingly engaging” in cybercrime activities in and out of South Korea. Still, they have also received reports that some attacks are being made internationally in countries like the United States.
The attacks are mainly aimed at people trading crypto. The group sends malicious files that impersonate blockchain software development contracts.
Brett Callow, threat analyst at malware lab, Emsisoft, explained that the group of hackers is also known as “HIDDEN COBRA”:
“The Lazarus Group, or HIDDEN COBRA, undoubtedly represent a serious threat and have been blamed for a number of significant security incidents including the WannaCry attack, the Sony breach, and the 2017 attacks on users of various cryptocurrencies. Some reports have claimed the group is North Korean and may be a state-sponsored actor, but this may or not be correct.”
In a press release on April 27, ESTsecurity warned:
“They are also engaging in cyber-espionage operations as well as activities designed to generate foreign currency.”