North Korean Hackers Set Up Fake Companies in the U.S. to Target Cryptocurrency Developers
U.S. cybersecurity firm "Silent Push" revealed that hackers affiliated with North Korea established two fake companies in the United States "Blocknovas LLC" in New Mexico and "Softglide LLC" in New York using false identities and addresses to target cryptocurrency developers with malicious software
According to Silent Push’s report, these companies posted fake job advertisements to lure developers, sending them malware during the hiring process, which ultimately compromised their cryptocurrency wallets and stole their credentials
These activities have been linked to the "Lazarus" cyber group, a notorious hacking unit operating under North Korea’s primary foreign intelligence agency, the Reconnaissance General Bureau
The FBI issued a notice seizing the domain of "Blocknovas," noting that the move is part of law enforcement efforts against North Korean cyber operations that utilized this domain to deceive individuals with fake job ads and distribute malware
The establishment of these companies constitutes a violation of sanctions imposed by the U.S. Treasury Department and the United Nations, which prohibit North Korea from engaging in commercial activities that support its government or military
This move is part of a broader series of cyber operations conducted by North Korea to finance its nuclear and missile programs by targeting the cryptocurrency sector