2022-10-14 • JPNPA • Regarding cyber attacks targeting crypto asset-related businesses, etc. by a cyber attack group called Lazarus, which is said to be a subordinate organization of the North Korean authorities (alert) [Updated on October 14, 2020] •
https://www.npa.go.jp/bureau/cyber/pdf/R041014_cyber_alert.pdf
R041014_cyber_alert.pdf (154 KB)
Japan's National Police Agency warned that the Lazarus cyber-attack group, assessed as subordinate to North Korean authorities, had been targeting cryptocurrency-related businesses and exchanges. The advisory cites UN, FBI, CISA, and Treasury reporting and says similar activity was strongly suspected against Japanese cryptocurrency exchange operators over several years. Observed tradecraft included social-engineering emails impersonating company executives, fake social-media accounts used to approach employees under the guise of business, malware download lures, and follow-on access to victim networks for cryptocurrency theft.