N. Korea hitting crypto folk where it hurts… In the virtual wallet

Centerpiece

Heard this on NPR yesterday and it’s now reported on BBC.
Couldn’t happen to a nicer group of folks.

The hacking process
1. Social engineering
This is the most common and effective technique used by North Korean hackers. Instead of focusing solely on technical vulnerabilities, they manipulate people into compromising security.
  • Fake job offers: Hackers impersonate recruiters from reputable crypto or tech firms on platforms like LinkedIn. They initiate elaborate, drawn-out interviews to build trust with the target.
  • Malware delivery: During the interview process, the fake recruiter sends the victim a malicious file disguised as a coding assignment or other employment-related document. This file contains malware that compromises the user's computer.
  • Targeting high-value individuals: The hackers have increasingly shifted from just targeting companies to focusing on high-net-worth individuals or employees with access to high-value crypto assets. These individuals may have weaker security than large enterprises.
2. Exploiting software and infrastructure
Beyond human manipulation, North Korean hackers exploit technical flaws in the crypto ecosystem.
  • Supply chain attacks: The massive $1.5 billion hack against crypto exchange Bybit in February 2025 was a supply chain compromise. Hackers first breached a third-party multisig wallet software (Safe{Wallet}) used by Bybit by compromising one of the developer's workstations.
  • Stealing private keys: A compromised private key or seed phrase is the gateway to a crypto wallet. In incidents like the hack of the Indian exchange WazirX, private keys were compromised through phishing and API exploitation.
  • Exploiting bridge and DeFi vulnerabilities: Hackers find and exploit weaknesses in bridges that connect different blockchains. Examples include the Ronin Network and Horizon bridge attacks, which resulted in hundreds of millions in losses.

3. Laundering the stolen cryptocurrency
Once funds are stolen, the North Korean threat actors immediately begin a complex laundering process to obscure their trail and convert the digital assets into usable currency.
 
Imposter scams are going crazy now, and with the advance of AI and crypto, pretty much everything that can be a scam online is one.
 