ChainCatcher reported that according to The Block, the US Federal Bureau of Investigation (FBI) pointed out that North Korean cybercriminals are "actively targeting" employees in the Web3 industry to steal encrypted funds.
In a press release published on Tuesday, the FBI noted that North Korean criminals deployed sophisticated social engineering strategies to defraud individuals at cryptocurrency and decentralized finance (DeFi) companies in order to “compromise networks associated with crypto assets.” Such schemes pose a “persistent threat” to entities holding large amounts of cryptocurrencies or related products.
The FBI went on to say: “Over the past several months, North Korean malicious cyber actors have conducted research on various targets related to cryptocurrency exchange-traded funds (ETFs). This research, including pre-operational preparations, indicates that North Korean actors may conduct malicious cyber activity targeting companies associated with cryptocurrency ETFs or other cryptocurrency-related financial products.”
In addition to researching potential targets, North Korean cybercriminals impersonate well-known members of employees’ companies or create fake scenarios—tailored to the victim’s background, skills, or business interests—to gain and exploit their trust.