Connect with us
Active Currencies 14434
Market Cap $2,630,821,578,579.80
Bitcoin Share 50.19%
24h Market Cap Change $-3.51

Japan’s NPA claims North Korea’s Lazarus Group is targeting crypto-firms

2min Read

Share this article

Lazarus, a North Korean hacking group, has been identified by Japan’s national police as the group responsible for several years’ worth of cyberattacks including cryptography.

The National Police Agency (NPA) and Financial Services Agency (FSA) of Japan issued a public advisory statement encouraging the nation’s crypto-asset enterprises to be cautious of “phishing” assaults by the hacking gang intended to steal crypto-assets. According to local accounts, this is the seventh time in history that the government has issued a “public attribution” advising statement.

How did the phishing happen?

According to the document, the North Korean hacker organization approaches employees of crypto-asset companies on social media and sends emails to them while posing as an executive of the business to access the company’s network and steal crypto-assets.

“This cyber attack group sends phishing emails to employees impersonating executives of the target company […] through social networking sites with false accounts, pretending to conduct business transactions […] The cyber-attack group [then] uses the malware as a foothold to gain access to the victim’s network.”

Authorities have advised caution when opening files attached to emails and keeping secret keys to confidential data away from the Internet to prevent falling victim to such an attack.

The 2017 WannaCry ransomware assault is thought to have been carried out by the North Korean organization too. The United States’ FBI identified the group’s involvement in a case of stolen crypto-assets valued at around $78 billion in April this year.

The NPA and FSA have urged targeted organizations to retain their “private keys in an offline environment” and to “not open email attachments or hyperlinks carelessly.” This, since phishing has reportedly been a prevalent method of attack employed by North Korean hackers.

Specifically for applications using cryptographic assets, the statement continued, people and companies should “not obtain files from sources other than those whose authenticity can be verified.”

The NPA acknowledged that several of these attacks targeting Japanese-based digital asset companies have been effective. However, it withheld any further information.

What is the Lazarus Group?

The North Korean government-run foreign intelligence organization Reconnaissance General Bureau is said to be connected to the Lazarus Group. The Yomiuri Shimbun was informed by Katsuyuki Okamoto of the international IT company Trend Micro that “Lazarus initially targeted banks in various nations, but it has recently been targeting crypto-assets that are managed more loosely.”

They were named as suspects in the $100 million Layer-1 blockchain Harmony assault. They are also suspected of being the hackers behind the $650 million Ronin Bridge breach in March.


Saman Waris works as a News Editor at AMBCrypto. She has always been fascinated by how the tides of finance and technology shape communities across demographics. Cryptocurrencies are of particular interest to Saman, with much of her writing centered around understanding how ideas like Momentum and Greater Fool theories apply to altcoins, specifically, memecoins. A graduate in history, Saman worked the sports beat before diving into crypto. Prior to joining AMBCrypto 2 years ago, Saman was a News Editor at Sportskeeda. This was preceded by her stint as Editor-in-Chief at EssentiallySports.
Read the best crypto stories of the day in less than 5 minutes
Subscribe to get it daily in your inbox.
Please check the format of your first name and/or email address.

Thank you for subscribing to Unhashed.