Police and other authorities in Japan have warned that a North Korean hacking organization known as Lazarus is likely to target Japanese crypto asset-related operators in its cyberattacks.
The warning was provided in a paper posted Saturday by the National Police Agency, the Financial Services Agency, and the National Center of Incident Readiness and Strategy for Cybersecurity.
The North Korean hacker organization, according to the document, employs strategies such as sending emails to employees of a crypto asset company while pretending to be an executive of the company and approaching them via social media in order to obtain access to the company's network and steal crypto assets.
Authorities have advised keeping secret keys to confidential data away from the internet and thinking twice before opening files attached to emails to prevent falling prey to such an attack.
North Korea's Lazarus has become notorious for being the brains behind several recent crypto attacks that have rocked the web3 space. Japan's National Police Agency (NPA) and Financial Services Agency (FSA) have issued a public cautionary statement alerting crypto companies to be on the lookout for "phishing" attempts by the Lazarus Group.
According to a statement made by the Japanese police, the Lazarus group uses social engineering to plan phishing attacks, impersonating executives of the target company in their emails to employees in an effort to trick them into clicking on harmful attachments or links.
"This cyber attack group sends phishing emails to employees impersonating executives of the target company through social networking sites with false accounts, pretending to conduct business transactions. The cyber-attack group [then] uses the malware as a foothold to gain access to the victim's network."
Recognizing that the Lazarus Group's primary method of attack was phishing, the FSA and NPA also cautioned targeted organizations to keep their "private keys in an offline environment" and to "not open email attachments or hyperlinks carelessly." The police also advised people and businesses to "not obtain files from sources other than those whose authenticity can be verified."
This is in light of recent claims that phishing is a popular technique in which victims are sent targeted emails in an effort to trick them into disclosing personal information. Recent reports claimed that Lazarus has been utilizing LinkedIn to target IT, and job seekers, with spear phishing assaults.
The NFT game Axie Infinity's Ronin Bridge, which was compromised by Lazarus Group, lost nearly $600 million in cryptocurrency. Data from Chainalysis shows that North Korean hackers stole $840 million in the first five months of 2022. This is an increase of over $200 million from the total amount of money they had looted in 2020 and 2021.
