US authorities have issued a cybersecurity advisory highlighting cyber threats that originate from North Korea and target blockchain and crypto firms. The report blames North Korea for sponsoring these cyber-attacks. The document, which warns North Korea against initiating such actions and lists suggestions for relevant platforms, was compiled by the US Cybersecurity and Infrastructure Security Agency (CISA). The Federal Bureau of Investigation (FBI) and the US Treasury joined CISA in issuing the statement.
“The US government has observed North Korean cyber actors targeting a variety of organisations in the blockchain technology and cryptocurrency industry. The cyber actors use applications to gain access to the victim’s computer, propagate malware across the victim’s network environment, and steal private keys or exploit other security gaps,” the report said.
The development comes after US authorities blamed the North Korean hacking group Lazarus for the massive hack of the Ronin Network, which underpins the game Axie Infinity, that drained $625 million (roughly Rs. 4,729 crore) from its developer Sky Mavis.
In its report, CISA has named multiple North Korean cyber groups as Advanced Persistent Threats (APTs). These include APT38, BlueNoroff, and Stardust Chollima alongside Lazarus.
“North Korean state-sponsored cyber hackers use a full array of tactics and techniques to exploit computer networks of interest, acquire sensitive cryptocurrency-intellectual property, and gain financial assets,” the report added.
The range of blockchain firms being targeted by hackers includes crypto exchanges, decentralised finance (DeFi) protocols, play-to-earn crypto video games, trading companies, venture capital funds investing in the sector, and individual holders of large amounts of crypto assets and non-fungible tokens (NFTs).
The US government has recommended implementing mitigations to protect firms in the blockchain technology and cryptocurrency industry.
Applying a defence-in-depth security strategy, enforcing credential requirements and multifactor authentication for users, educating users on social engineering, and implementing email and domain mitigations have been listed as some immediate precautionary steps that blockchain firms can take to safeguard themselves against malicious attacks.
“Create an incident response plan to respond to possible cyber intrusions. The plan should include reporting incidents to both the FBI and CISA—quick reporting can reduce the severity of incidents,” CISA further directed.
Hacking activity aimed at the blockchain sector has escalated in recent times.
In March this year, Li Finance (LiFi), a blockchain protocol, lost nearly $600,000 (roughly Rs. 4.5 crore) from 29 crypto wallets in a breach.