Japan’s national mother and father pinned North Korean hacking group, Lazarus, because the organization behind numerous years of crypto-related cyber attacks.
Within the public advisory statement sent on March. 14, Japan’s National Police Agency (NPA) and Financial Services Agency (FSA) sent an alert towards the country’s crypto-asset companies, asking to remain vigilant of “phishing” attacks through the hacking groupaimed at stealing crypto assets.
The advisory statement is called “public attribution,” and according to local reports, may be the fifth amount of time in history the government has issued this type of warning.
The statement warns the hacking group uses social engineering to orchestrate phishing attacks — impersonating executives of the target company to bait employees into clicking malicious links or attachments:
“This cyber attack group transmits phishing emails to employees impersonating executives from the target company […] through social networks with false accounts, pretending to work transactions […] The cyber-attack group [then] uses the adware and spyware like a foothold to get into the victim’s network.”
Based on the statement, phishing is a common mode of attack utilized by North Korean online hackers, using the NPA and FSA advocating targeted companies to have their “private keys within an offline environment” and also to “not open email attachments or hyperlinks carelessly.”
The statement added that folks and companies should “not download files from sources apart from individuals whose authenticity could be verified, specifically for applications associated with cryptographic assets.”
The NPA also recommended that digital asset holders “install security software,” strengthen identity authentication mechanisms by “implementing multi-factor authentication” and never make use of the same password for multiple devices or services.
The NPA confirmed that a number of these attacks happen to be effectively transported out against Japanese-based digital asset firms, but didn’t disclose any sort of details.
Related: ‘Nobody is holding them back’ — North Korean cyber-attack threat increases
Lazarus Group is allegedly associated with North Korea’s Reconnaissance General Bureau, a government-run foreign intelligence group.
Katsuyuki Okamoto of multinational IT firm Trend Micro Coupon told The Yomiuri Shimbun that “Lazarus initially targeted banks in a variety of countries, but lately it’s been aiming at crypto assets which are managed more loosely.”
They’ve been charged with to be the online hackers behind the $650 million Ronin Bridge exploit in March, and were recognized as suspects within the $100 million attack from layer-1 blockchain Harmony.