The Cybersecurity and Infrastructure Security Agency, Department of the Treasury and the FBI have released a joint advisory on a group of North Korean state-backed advanced persistent threat actors targeting blockchain companies, cryptocurrency exchanges and other businesses in the cryptocurrency industry.
Cyberthreat actors launch intrusions by sending spearphishing messages to employees of cryptocurrency companies using various communication platforms, according to the advisory published Monday.
Spearphishing messages from the North Korea-sponsored Lazarus Group offer high-paying jobs to encourage recipients to download malicious applications, called TraderTraitor, which enable hackers to compromise a victim’s computer, spread malware and steal cryptocurrency.
The advisory offers several mitigation measures to protect blockchain companies and critical infrastructure organizations from such threats, including the application of a defense-in-depth security strategy, patch management implementation, endpoint protection and enforcement of application security, credential requirements and multifactor authentication.