North Korean hackers stole billions of dollars in cryptocurrency

Hackers from North Korea have infiltrated hundreds of companies around the world, including large corporations, to steal trade secrets and cryptocurrency, according to security researchers. The topic was addressed at a conference focused on cyberspace threats held last Friday (22), in the United States.

According to Microsoft analysts, the attackers sponsored by the North Korean government pose as IT experts to be hired, using fake identities and LinkedIn profiles with invented information. Many of them use AI to modify photos and voices.

Deceiving recruiters, they are hired to work remotely, receiving laptops at addresses in the USA. On the laptops, facilitators who are part of the scheme install programs so that North Korean spies can access files and other data without revealing their true location.

The Redmond giant reported having also observed cybercriminals involved in this action operating from Russia and China. In one such campaign, the group known as “Ruby Sleet” compromised data from aerospace and defense companies to improve North Korea’s navigation and weapons systems.

Cryptocurrency theft

In another scheme uncovered by Microsoft, members of the “Sapphire Sleet” group pretended to be investors and recruiters to steal cryptocurrency from companies and individuals. They set up virtual meetings with potential victims and tricked the targets into downloading a tool for video calling and another for skills assessment.

However, these programs contained malware to hack crypto wallets that were installed silently. In just six months, the method made it possible to steal US$$ 10 million in crypto assets (R$$ 59.8 million at the exchange rate of the day), according to the report.

Source: Tecmundo