North Korean hackers are targeting leading crypto organizations
Arthur Cheong, the founder of DeFiance Capital, believes North Korean hackers are actively looking to compromise top crypto organizations. He shared this information through a tweetstorm on April 15, citing research from leading cybersecurity experts. Specifically, Cheong mentioned a hacker group dubbed BlueNorOff, which is sponsored by the North Korean government.
According to him, BlueNorOff’s recent social engineering attacks prove the group has mapped the relationship graph of the entire crypto space. He added that this ability helps the hacker group come up with phishing emails that have a high probability of slipping through the defenses of most crypto organizations.
5/ Once the current attack method gets less effective, such as a trojanized DeFi App and Wallet attack discovered lately. Given the success, it is likely North Korea will dedicate more resources to this group to scale up the intensity of the attack.https://t.co/uogzBha4BB
— Arthur 🌔⛩️🦔👻 (@Arthur_0x) April 15, 2022
Notably, BlueNorOff is not the only North Korean cybercrime group targeting the crypto space. In the past week, the US Treasury Department linked Lazarus, an infamous North Korean hacking group, to the theft of over $625 million from the Axie Infinity Ronin bridge.
How to bolster security
To help crypto organizations protect their operations from North Korean attacks, Cheong teamed up with Jun Hao, a cybersecurity expert, to propose viable solutions for the problem at hand.
Among the resolves that the duo came up with is storing on-chain crypto assets on enterprise-grade custodial solutions. According to Cheong, Externally Owned Accounts (EOAs) secured by a hardware wallet do not offer enough protection because attackers can insert a false Metamask browser extension and initiate the approval of unintended transactions.
He proposed using multi-signature wallets like Gnosis Safe, seeing as they are secured by several hardware wallets. For more security, Cheong recommends that crypto platforms adopt custody solutions with multisig two-factor authentication (2FA). These include Fireblocks, Copper, and Qredo, to name a few.
Cheong also suggested implementing 2FA for all sign-ins, bookmarking frequently used crypto dApp websites, rescinding unnecessary token approval, using dedicated computers for crypto transactions, and exercising due diligence while hiring remote software engineers and developers.
This news comes as hackers continue launching large-scale attacks on DeFi protocols, with the latest victim being Beanstalk Farms. The protocol lost more than $180 million after malicious actors leveraged a flash loan exploit yesterday.