Channel Futures

MSSP Insider


Alert: North Korea Hackers Targeting Blockchain, Crypto Companies

  • Written by Edward Gately
  • April 20, 2022
Attackers associated with the North Korean government recently stole more than $600 million in cryptocurrency.

The U.S. government is warning that Lazarus, a North Korea state-sponsored hacker group, is targeting blockchain and cryptocurrency companies.

The FBI, Cybersecurity and Infrastructure Security Agency (CISA) and the U.S. Treasury Department issued the advisory. Lazarus is targeting users in the blockchain, cryptocurrency and NFT space.

The hackers use a variety of communication platforms to encourage individuals to download trojanized cryptocurrency applications on Windows or macOS. The cyber actors then use the applications to gain access to the victim’s computer. They propagate malware across the victim’s network environment, and steal private keys or exploit other security gaps.

These activities enable additional follow-on activities that initiate fraudulent blockchain transactions.

“North Korean state-sponsored cyber actors use a full array of tactics and techniques to exploit computer networks of interest, acquire sensitive cryptocurrency-intellectual property and gain financial assets,” the advisory said.

The U.S. government recommends implementing mitigations to protect critical infrastructure organizations, and financial sector organizations in blockchain and cryptocurrency.

Last week, the FBI confirmed that hackers associated with the North Korean government stole more than $600 million in cryptocurrency in a theft reported on March 29.

Attackers Exploiting ‘Thirst for Information’

Hank Schless is Lookout’s senior manager of security solutions. He said Lazarus has targeted financials for years with a past focus on institutions and online cryptocurrency exchanges.

“Since cryptocurrency is a rather new technology, it presents an opportunity for threat actors to socially engineer targets,” he said. “Crypto investors are constantly looking for an edge in the market or what the next big currency that’s going to explode in value. Attackers can use this thirst for information to get users to download malicious apps or share login credentials for legitimate trading platforms they use.”

The attacker could then use the malicious app to exfiltrate additional data from the device it’s on, Schless said. They could also take the stolen login credentials and try them across any number of cloud apps.

To increase the likelihood of success, attackers target users across both mobile devices and cloud platforms, Schless said.

“For example, at Lookout, we discovered almost 200 malicious cryptocurrency apps on the Google Play Store,” he said. “Most of these applications advertised themselves as mining services in order to entice users to download them.”

Big Money Draws Threat Actors

Chris Morgan is Digital Shadows’ senior cyber threat intelligence analyst. He said crypto investors are making big money, but often storing it in insecure locations. Therefore, threat actors will naturally direct their activities toward such environments.

“For consumers, much of the fraudulent activity targeting accounts results from a lack of awareness and ignorance of the risk,” he said. “Many users are continuing to operate in an insecure fashion that can leave them susceptible to attacks. For crypto and NFT platforms, it is imperative the platform’s security maturity can minimize the considerable risk facing users. This includes robust vulnerability assessments to identify bugs and ensuring regular awareness programs for consumers in how to spot suspicious behavior.”

Ensuring that guidance is provided on safe usage will create a safer environment for users, Morgan said.

John Bambenek is Netenrich’s principal threat hunter.

“The attacks on cryptocurrency will rise and fall based on the number of novice users there,” he said. “Cryptocurrency is such a ripe space for fraud because protecting yourself is complicated and people are still learning how to do it. Your uncle who can’t stop talking about how much he’s made in Doge is also the guy whose DVD player is flashing 12:00 in front because he can’t set the time on it.”

North Korea to Continue Attacks

North Korea and Lazarus have focused on cryptocurrency threats for years, Bambenek said. That’s because North Korea is a highly sanctioned country, and these attacks let it acquire assets it can use to further its governmental objectives.

“This will continue until North Korea becomes a respectable member of the international community or the sweet meteor of death finally comes and ends all life on earth,” he said. “The latter is the more accurate scenario.”

Karl Steinkamp is director of Coalfire. He said bad actors will target any technology and/or platform that is successful in obtaining broad user adoption.

“Application exchanges will continue to build in detective controls on their respective platforms … to help business and users mitigate risks,” he said. “As we have seen with other malware variants, users and businesses need to be aware that crypto asset malware will eventually target every platform and technology means to attempt to lure users into clicking on or downloading something malicious.”
