North Korean Hackers Set Up Fake Companies in the U.S. to Target Cryptocurrency Developers

U.S. cybersecurity firm "Silent Push" revealed that hackers affiliated with North Korea established two fake companies in the United States  "Blocknovas LLC" in New Mexico and "Softglide LLC" in New York  using false identities and addresses to target cryptocurrency developers with malicious software

According to Silent Push’s report, these companies posted fake job advertisements to lure developers, sending them malware during the hiring process, which ultimately compromised their cryptocurrency wallets and stole their credentials

These activities have been linked to the "Lazarus" cyber group, a notorious hacking unit operating under North Korea’s primary foreign intelligence agency, the Reconnaissance General Bureau

The FBI issued a notice seizing the domain of "Blocknovas," noting that the move is part of law enforcement efforts against North Korean cyber operations that utilized this domain to deceive individuals with fake job ads and distribute malware

The establishment of these companies constitutes a violation of sanctions imposed by the U.S. Treasury Department and the United Nations, which prohibit North Korea from engaging in commercial activities that support its government or military

This move is part of a broader series of cyber operations conducted by North Korea to finance its nuclear and missile programs by targeting the cryptocurrency sector