Kaspersky Lab researchers believe BlueNoroff is linked to the notorious Lazarus group, a hacking team that is widely believed to be working for the North Korean government. This is the group behind spectacular hacks such as the one against Sony Pictures Entertainment in 2014, or the one against the Bangladesh Bank, where they almost stole $1 billion. The group has long been focused on stealing money to fund their government, which is hamstrung by international economic sanctions.

Researchers noted that they do not believe DCG or the other affected companies were hacked, but simply that the hackers impersonated them or their workers.

The hackers’ attacks initially rely on phishing and social engineering, but also involve more technical work. For example, one of the ways they stole cryptocurrency, once they hacked into a target’s computer, was to inject their own code whenever the target was moving cryptocurrency to redirect the transaction. This attack involved analyzing the MetaMask Chrome extension and rewriting transaction details in a way that the target doesn’t immediately notice.

Do you research vulnerabilities on cryptocurrencies and their networks? Do you track hackers who target cryptocurrencies? We’d love to hear from you. You can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, Wickr/Telegram/Wire @lorenzofb, or email lorenzofb@vice.com