https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-new-logo.png
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Technology Solutions Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
  • MSP 501
    • Back
    • Complete 2023 MSP 501 Rankings
    • 2023 MSP 501 50-1
    • 2023 MSP 501 100-51
    • 2023 MSP 501 150-101
    • 2023 MSP 501 200-151
    • 2023 MSP 501 250-201
    • 2023 MSP 501 300-251
    • 2023 MSP 501 350-301
    • 2023 MSP 501 400-351
    • 2023 MSP 501 450-401
    • 2023 MSP 501 501-451
    • NextGen 101 Rankings
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Channel Futures 20: Top Tech Providers
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2023 Editorial Calendar
  • Awards
    • Back
    • 2023 MSP 501
    • 2023 NextGen 101
    • Channel Influencers
    • Circle of Excellence
    • DE&I 101
    • Technology Advisor 101 (TA 101)
    • Channel Leaders Lists
  • Events
    • Back
    • 2024 CP Expo Call for Speakers
    • Channel Futures Leadership Summit
    • MSP Summit
    • CP Conference & Expo
    • Channel Partners Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
Channel Futures
  • NEWSLETTER
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Technology Solutions Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
  • MSP 501
    • Back
    • Complete 2023 MSP 501 Rankings
    • 2023 MSP 501 50-1
    • 2023 MSP 501 100-51
    • 2023 MSP 501 150-101
    • 2023 MSP 501 200-151
    • 2023 MSP 501 250-201
    • 2023 MSP 501 300-251
    • 2023 MSP 501 350-301
    • 2023 MSP 501 400-351
    • 2023 MSP 501 450-401
    • 2023 MSP 501 501-451
    • NextGen 101 Rankings
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Channel Futures 20: Top Tech Providers
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2023 Editorial Calendar
  • Awards
    • Back
    • 2023 MSP 501
    • 2023 NextGen 101
    • Channel Influencers
    • Circle of Excellence
    • DE&I 101
    • Technology Advisor 101 (TA 101)
    • Channel Leaders Lists
  • Events
    • Back
    • 2024 CP Expo Call for Speakers
    • Channel Futures Leadership Summit
    • MSP Summit
    • CP Conference & Expo
    • Channel Partners Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Agents
  • Cloud Service Providers
  • Channel Partners Events
 Channel Futures

MSSP Insider


Shutterstock

Broken Blockchain

Alert: North Korea Hackers Targeting Blockchain, Crypto Companies

  • Written by Edward Gately
  • April 20, 2022
Attackers associated with the North Korean government recently stole more than $600 in cryptocurrency.

The U.S. government is warning that Lazarus, a North Korea state-sponsored hacker group, is targeting blockchain and cryptocurrency companies.

The FBI, Cybersecurity and Infrastructure Security Agency (CISA) and the U.S. Treasury Department issued the advisory. Lazarus is targeting users in the blockchain, cryptocurrency and NFT space.

The hackers use a variety of communication platforms to encourage individuals to download trojanized cryptocurrency applications on Windows or macOS. The cyber actors then use the applications to gain access to the victim’s computer. They propagate malware across the victim’s network environment, and steal private keys or exploit other security gaps.

These activities enable additional follow-on activities that initiate fraudulent blockchain transactions.

“North Korean state-sponsored cyber actors use a full array of tactics and techniques to exploit computer networks of interest, acquire sensitive cryptocurrency-intellectual property and gain financial assets,” it said.

The U.S. government recommends implementing mitigations to protect critical infrastructure organizations, and financial sector organizations in blockchain and cryptocurrency.

Last week, the FBI confirmed hackers associated with the North Korean government stole more than $600 million in cryptocurrency reported on March 29.

Attackers Exploiting ‘Thirst for Information’

Hank Schless is Lookout‘s senior manager of security solutions. He said Lazarus has targeted financials for years with a past focus on institutions and online cryptocurrency exchanges.

Lookout's Hank Schless

Lookout’s Hank Schless

“Since cryptocurrency is a rather new technology, it presents an opportunity for threat actors to socially engineer targets,” he said. “Crypto investors are constantly looking for an edge in the market or what the next big currency that’s going to explode in value. Attackers can use this thirst for information to get users to download malicious apps or share login credentials for legitimate trading platforms they use.”

The attacker could then use the malicious app to exfiltrate additional data from the device it’s on, Schless said. They could also take the stolen login credentials and try them across any number of cloud apps.

To increase the likelihood of success, attackers target users across both mobile devices and cloud platforms, Schless said.

“For example, at Lookout, we discovered almost 200 malicious cryptocurrency apps on the Google Play Store,” he said. “Most of these applications advertised themselves as mining services in order to entice users to download them.”

Big Money Draws Threat Actors

Chris Morgan is Digital Shadows‘ senior cyber threat intelligence analyst. He said crypto investors are making big money, but often storing it on insecure locations. Therefore, threat actors will naturally navigate their activities towards targeting such environments.

Digital Shadows' Chris Morgan

Digital Shadows’ Chris Morgan

“For consumers, much of the fraudulent activity targeting accounts results from a lack of awareness and ignorance of the risk,” he said. “Many users are continuing to operate in an insecure fashion that can leave them susceptible to attacks. For crypto and NFT platforms, it is imperative the platform’s security maturity can minimize the considerable risk facing users. This includes robust vulnerability assessments to identify bugs and ensuring regular awareness programs for consumers in how to spot suspicious behavior.”

Ensuring that guidance is provided on safe usage will create a safer environment for users, Morgan said.

John Bambenek is Netenrich‘s principal threat hunter.

Netenrich's John Bambaneck

Netenrich’s John Bambaneck

“The attacks on cryptocurrency will rise and fall based on the number of novice users there,” he said. “Cryptocurrency is such a ripe space for fraud because protecting yourself is complicated and people are still learning how to do it. Your uncle who can’t stop talking about how much he’s made in Doge is also the guy who’s DVD player is flashing 12:00 in front because he can’t set the time on it.”

North Korea to Continue Attacks

North Korea and Lazarus have focused on cryptocurrency threats for years, Bambenek said. That’s because North Korea is a highly-sanctioned country. Therefore, this lets them acquire assets they can use to further their governmental objectives.

“This will continue until North Korea becomes a respectable member of the international community or the sweet meteor of death finally comes and ends all life on earth,” he said. “The latter is the more accurate scenario.”

Coalfire's Karl Steinkamp

Coalfire’s Karl Steinkamp

Karl Steinkamp is director of Coalfire. He said bad actors will target any technology and/or platform that is successful in obtaining broad user adoption.

“Application exchanges will continue to build in detective controls on their respective platforms … to help business and users mitigate risks,” he said. “As we have seen with other malware variants, users and businesses need to be aware that crypto asset malware will eventually target every platform and technology means to attempt to lure users into clicking on or downloading something malicious.”

Want to contact the author directly about this story? Have ideas for a follow-up article? Email Edward Gately or connect with him on LinkedIn.
Tags: MSPs MSSP Insider Best Practices Cloud Mobility & Wireless Security

Most Recent


  • Cisco acquisition of Splunk gets partner reaction
    Partners Hope Splunk Keeps 'Pace of Innovation' in Cisco Acquisition
    All will be well if Cisco integrates Splunk the way it integrated Meraki, a partner told Channel Futures.
  • Broadcom-VMware and China
    Broadcom-VMware Hits Snag in China as IT Incurs Too-High Cloud Costs
    Our latest cloud news roundup features an acquisition update, looks at research you need to know, and more.
  • cloud marketplaces
    Haven’t Drunk the Cloud Marketplaces Kool-Aid? It’s About Time You Did
    The Ultimate Partner's Vince Menzione explains why channel partners (small ones, too) need to get on board.
  • Red Hat partner program getting a revamp
    Red Hat Partner Program Set for Revamp
    Red Hat is overhauling its partner program to better reflect its ecosystem of partners, says a channel exec.

Leave a comment Cancel reply

-or-

Log in with your Channel Futures account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • Vulnerability, 3 vulnerabilities
    ESET: Millions Using Lenovo Laptops Potentially Vulnerable to Malware Attacks
  • cybersecurity strategy
    The Gately Report: CP Expo Edition with Trellix's Kristi Houssiere, Cybersecurity Peer Group, More
  • Full wallet
    The Gately Report: Delinea Focused on Expanding Partners' 'Wallet Share,' Zoom Shells Out for Bug Bounties
  • Cloud security
    Google Cloud Takes on Rivals AWS, Azure in Broader Pursuit of MSSPs

Upcoming Events

View all

Channel Futures Leadership Summit

October 30, 2023 - November 2, 2023

Channel Partners Conference & Expo

March 11, 2024 - March 14, 2024

Channel Futures Leadership Summit 2024

September 17, 2024 - September 19, 2024

Galleries

View all

Broadcom-VMware Hits Snag in China as IT Incurs Too-High Cloud Costs

September 22, 2023

Cisco’s Splunk Acquisition ‘True Bombshell Move,’ Will Have Massive Impact on Cybersecurity

September 21, 2023

Cisco SMB Business Gets Updated Sales Coverage Model, New Investments

September 21, 2023

Industry Perspectives

View all

Why Conversational AI Matters for Your Customers and How It Can Boost Your Revenue

September 15, 2023

The 5 Ds that Lead to Unplanned Business Sales

September 13, 2023

Hot Generative AI Market Must ‘Cool Down’

August 28, 2023

Webinars

View all

MSP 501: Leadership in Cybersecurity

October 19, 2023

DE&I: Find the Balance that Works for You

September 7, 2023

Above and Beyond with the NextGen 101ers

August 30, 2023

White Papers

View all

6 UCaaS Reseller Challenges and How Real World Businesses Solved Them

February 1, 2023

Frost Radar: North American UCaaS Market, 2022

February 1, 2023

The Complete Guide to White-Label UCaaS for Reseller Success

February 1, 2023

Channel Futures TV

View all

Coffee with Craig and James Episode 129: ZLH Enterprises

Coffee with Craig and James Episode 128: Channel Partner Strategies Intelligence Service

August 25, 2023

Coffee with Craig and James Episode 127: Expereo, Movie Night Returns

August 18, 2023

Coffee with Craig and James Episode 126: ARG

July 28, 2023

MSP 501

The industry's largest and most comprehensive partner awards program.

Newsletters and Updates

Sign up for The Channel Report, Channel Futures Update, MSP 501 Newsletter and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Galleries

Educational slide shows and images from live events.

Media Kit And Advertising

Want to reach our audience? Access our media kit.

DISCOVER MORE FROM INFORMA TECH

  • Channel Partners Events
  • Telecoms.com
  • MSP 501
  • Black Hat
  • IoT World Today
  • Omdia

WORKING WITH US

  • Contact
  • About Us
  • Advertise
  • Newsletter

FOLLOW Channel Futures ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2023 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X