Japan’s national police have identified the cybercriminal activity patterns of the North Korean Lazarus Group. The hackers have been targeting Japan’s crypto industry for many years using phishing.
According to the report called “public attribution,” revealed on Oct 14, the group follows a certain pattern, which is using phishing links to gain access to crypto wallet assets.
“This cyber attack group sends phishing emails to employees impersonating executives of the target company [...] through social networking sites with false accounts,” the statement said.
Japan’s National Police Agency (NPA) and Financial Services Agency (FSA) have warned all crypto-based businesses to stay alert for the attacks that could possibly be from the hacking group.
“Lazarus initially targeted banks in various countries, but recently it has been aiming at crypto assets that are managed more loosely,” says Katsuyuki Okamoto of Trend Micro.
This is the fifth time Japan has given a national warning to its businesses and citizens about a security threat. After all, the country comprises the biggest crypto industry market in the world.
NPA and FSA have instructed companies to use private keys in offline environments and to never open document attachments from malicious email addresses. Users should also install security software.
Lazarus has a huge history of stealing assets from banks and now crypto firms. The group is said to be controlled by North Korea’s Reconnaissance General Bureau, an intelligence agency.