The blockchain security firm SlowMist has reported that North Korea’s state-sponsored hacking group, Lazarus group, is targeting LinkedIn users in the digital asset industry as part of their latest crypto hacking malware attempts. According to SlowMist, Lazarus Group members are creating fake profiles on LinkedIn, reaching out to human resources personnel and hiring managers in various blockchain-related organizations. They send links with malicious code disguised as a display of their coding abilities, which in reality, contain dangerous malware to exploit the victim’s personal data. The hackers use various techniques to steal as much data as possible from the victim’s device and upload it to a server controlled by the attacker.
A report from a U.N. panel of experts revealed that an estimated 40% of North Korea’s weapons of mass destruction (WMD) were funded through illicit cyber means, including hacking activities. The Lazarus Group, a part of North Korea’s cyber capabilities, has reportedly stolen over $3 billion worth of digital assets globally to date. Security officials from the U.S. and its allies are concerned about the potential threats to national security posed by North Korea’s state-sponsored malware initiatives. In response to these concerns, the U.S. sanctioned a crypto mixer called Sinbad last year, which was identified as a key money-laundering tool for the regime’s digital asset exploitation efforts.
A recent blockchain intelligence firm TRM Labs report found that North Korea stole over $600 million in digital assets in 2023 alone. This highlights the growing concern over the country’s involvement in cybercrime and the need for international cooperation to combat these threats. In December, U.S. advisor of National Security, Jake Sullivan, discussed North Korea’s WMD program with diplomatic counterparts from South Korea and Japan. The enforcement action taken against Sinbad and other illicit actors involved in North Korea’s cyber activities demonstrates the U.S. government’s commitment to preventing virtual currency mixers from facilitating illicit activities.
It remains unclear whether the Lazarus Group will face any political repercussions over its latest crypto malware scheme targeting LinkedIn users in the digital asset industry. The group’s ties to North Korea’s WMD program and involvement in cybercrime activities pose a significant challenge to international security efforts. As North Korea continues to engage in illicit cyber means to fund its weapons programs, security officials and governments remain vigilant in monitoring and preventing any potential threats to national security. The collaboration between the U.S. and its allies in addressing these challenges demonstrates the importance of international cooperation in combating cyber threats from state-sponsored hacking groups like Lazarus Group.