North Korea Employs Social Engineering Tactics to Target Crypto and DeFi Firms, Warns FBI

North Korea is using advanced social engineering tactics to breach the security of cryptocurrency and decentralized finance (DeFi) companies. This information comes straight from the U.S. Federal Bureau of Investigation (FBI).

According to a recent FBI announcement, North Korean cybercriminals are specifically targeting employees at firms linked to crypto exchange-traded funds (ETFs).

Before making contact, these actors do their homework. They check social media profiles, especially on professional networking sites. By gathering personal details about their targets—like backgrounds, skills, and job interests—they craft tailored scenarios that appeal directly to the individual.

Often, these scenarios involve enticing job offers or promises of investment opportunities. The cybercriminals speak fluent English and show a solid understanding of cryptocurrency. They even reference obscure personal details to seem more legitimate.

The goal? To build a rapport with their targets. They engage in extended conversations, making it easier to deliver malware in a way that feels natural.

The FBI has identified several red flags that employees should watch out for:

  • Requests to run code or download applications on company devices.
  • Requests for a “pre-employment test” that involves unfamiliar coding packages or scripts.
  • Unexpected job offers from well-known firms with unrealistically high pay.
  • Unsolicited investment offers that haven’t been discussed before.
  • Pressure to use unusual software for basic tasks.
  • Requests to run scripts for video calls that are supposedly blocked.
  • Suggestions to move conversations to other messaging platforms.
  • Unexpected messages with strange links or attachments.

The FBI advises employees to verify the identities of their contacts through different channels. It’s also best to avoid taking pre-employment tests on work laptops.

Additionally, firms should keep information about crypto wallets offline. They should implement multi-factor authentication for financial transactions. Limiting access to sensitive documentation is crucial. Companies should also funnel communications through secure platforms that require in-person verification and disable email attachments by default.

By staying vigilant and following these guidelines, employees can help protect themselves and their companies from potential threats.