Japan’s authorities warned that the North Korean hacking group Lazarus is planning phishing and social engineering operations against crypto businesses.
Local crypto firms were recently alerted to new hacking attempts by local police, Japan’s financial regulator, and the National Center of Incident Readiness and Strategy. They also outlined safeguards for keeping an eye on breaches.
Profits from the hacks are thought to support North Korea’s nuclear weapons program because Lazarus is a state-sponsored organization.
The organization has also been linked to using Tornado Cash, a cryptocurrency mixer that was recently approved by the US Treasury, to hide the source of stolen money.
Authorities warned that enhanced private key management and other security measures are necessary but did not specify which crypto firms Lazarus had targeted.
They urged both people and businesses to take preventative precautions, such as making sure that downloaded files came from reputable sources, that online application interfaces were trustworthy, and that private keys were kept offline, like on a hardware wallet.
Since its founding in 2009, Lazarus is thought to have stolen crypto assets valued at more than $1.75 billion, according to Chainalysis’ findings from a year ago. The organization is responsible for a number of cryptocurrency exchange hacks, including the $49 million cryptocurrency theft from Upbit in 2019.
Police reportedly opened an investigation within a special investigation team after multiple organizations had their internal systems breached and cryptocurrency taken. Lazarus was ultimately identified as the culprit.
According to a local report by Japan News, it is uncommon to identify a suspected assailant before taking a more significant step, such as making an arrest.
However, publicly outing the group is also seen as an effective measure to prevent attacks, as it may inspire people to take action and remain vigilant.