The FBI has seized the Blocknovas website linked to North Korean hackers from the Lazarus Group. These hackers used fake U.S. businesses to spread malware among cryptocurrency developers. The operations included phishing attacks through fraudulent job offers, aiming to steal credentials and compromise wallets. The Lazarus Group is notorious for significant cyber attacks, including a recent $1.4 billion hack on Bybit.
The FBI has recently taken action against a website called Blocknovas, which was linked to North Korean hackers engaged in a scheme to distribute malware targeting the cryptocurrency sector. These hackers, thought to be part of the notorious Lazarus Group, established fake businesses in the U.S. to lure in unsuspecting crypto developers. Cybersecurity firm Silent Push reported that companies like Blocknovas LLC and Softglide LLC were created with fake identities, violating international sanctions and putting numerous developers at risk.
The criminal activities included offering job opportunities that led to sophisticated malware deployments. These attacks were primarily aimed at compromising cryptocurrency wallets and harvesting sensitive user credentials. With the FBI’s seizure of Blocknovas, the agency is making strides to combat the rampant cyber deception associated with this malware distribution. This campaign reported numerous victims and emphasised Blocknovas as a prominent front in these malicious operations.
This phishing scheme is just one part of North Korea’s extensive cyber efforts. The Lazarus Group is infamous for executing high-profile cyber attacks, most notably a staggering $1.4 billion heist on crypto exchange Bybit earlier this year. The FBI is actively pursuing measures to escalate risks and enforce accountability for individuals facilitating such cybercriminal activities, as the pressure continues on this nefarious group.
