A recent report from Kaspersky Labs has revealed that the North Korean hacking group “BlueNoroff” has stolen millions of dollars through the creation of over seventy fake domain names that are passed off as banks and venture capital firms. The majority of the fake domains pretended to be well-known Japanese businesses, but some also claimed to be American and Vietnamese businesses. The group has been found to use new file formats and virus distribution techniques to intercept large cryptocurrency transactions and drain accounts in a single transaction by changing the recipient’s address and increasing the transfer amount.
Investigation into BlueNoroff Gang
Kaspersky conducted a comprehensive investigation into the BlueNoroff gang in late September, discovering their use of .iso and .vhd disk image files to disseminate malware and new scripts. The group was also found to have infected a user in the United Arab Emirates through the download of a Word document titled “Shamjit Client Details Form.doc,” which allowed the hackers to remotely access the user’s computer and obtain information while attempting to execute further malware.
North Korea at the Forefront of Crypto Crime
North Korea has reportedly been at the forefront of global crypto crime, with hackers believed to have stolen over $1 billion worth of cryptocurrency from May 2022 to the present day. The larger organization Lazarus has also been linked to several high-profile phishing scams and malware distribution campaigns.
Warnings and Final Thoughts
It is important for individuals and businesses to be aware of these tactics and take precautions to protect themselves from falling victim to similar scams. This includes being cautious when downloading documents or visiting unfamiliar websites, keeping software up to date, and being aware of unusual activity on accounts. It is also crucial for authorities to continue tracking and attempting to prevent these types of attacks from occurring.
The use of cryptocurrency can make it challenging to track and prosecute these crimes, but holding the individuals and groups behind them accountable remains important for the security and stability of the industry.