North Korea, notorious for its involvement in cryptocurrency theft, has expanded its tactics. According to a recent study, North Korean hackers are now posing as IT workers and recruiters to infiltrate multinational companies, earn money, and access sensitive information.

Hackers Disguised as Employees of Multinational Corporations

At the Cyberwarcon cybersecurity conference, researchers revealed that North Korean hackers are now disguising themselves as remote workers for major companies. These roles include not only IT specialists but also recruiters, using employment opportunities as a cover to gain access to corporate secrets.

Two Hacker Groups Identified: Sapphire Sleet and Ruby Sleet

The study identified two major hacker groups, Sapphire Sleet and Ruby Sleet, both operating on behalf of the North Korean regime.

  1. Sapphire Sleet:
    This group targets cryptocurrency theft from individuals and companies. Hackers pose as recruiters or venture capital investors, often organizing fake meetings where victims download a "tool" that is actually malware. Through this tactic, North Korea reportedly earned $10 million in just six months.

  2. Ruby Sleet:
    This group focuses on industrial espionage, posing as employees of airline companies and targeting trade secrets. The stolen information is used to develop weapons and navigation systems.

Cryptocurrency Industry Loses $1.5 Billion

According to a report from Immunefi, a leading bug bounty platform, the cryptocurrency industry has lost $1.48 billion this year due to hacking attacks. In November 2024 alone, losses amounted to $71 million, with major victims including Thala and Dexx.

  • Thala: The company lost $26 million due to a protocol liquidity exploit. While Thala managed to freeze $11.5 million worth of assets, including its native THL token and the Move Dollar (MOD), the losses remain significant.

  • Dexx and Polter Finance: These platforms also fell victim to hackers, losing approximately $21 million (Dexx) and $12 million (Polter Finance).

  • DeltaPrime: Another notable loss was recorded in the DeltaPrime case on November 11, where $5 million was stolen.

Conclusion

North Korean hackers pose an increasing threat, not only to cryptocurrencies but also to industrial espionage and multinational companies. With their increasingly sophisticated methods, such as disguising themselves as IT workers and recruiters, it is crucial for companies to strengthen their security protocols and minimize the risks associated with cyberattacks.

#northkorea , #HackerNews , #HackerAlert , #cybersecurity , #CryptoNewss

Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!

Notice:

,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“