North Korea has long done anything and everything it could to get its hands on crypto. There’s no doubt about that. At this stage, it’s obvious the nation is trying to garner digital assets so it can fund its ongoing nuclear program. However, until now, we’ve always been afraid of Lazarus, as this is the main state-funded hacking organization trying to garner illicit crypto through stealing, cyberattacks, and thievery.
North Korea Has a New Group Stealing Crypto
It now seems like North Korea has a new organization in play working to take crypto funds from unsuspecting investors. Known as TA444, the group has been around for the past six years (since at least early 2017), though it didn’t really start concentrating on crypto until 2022.
Using new methods, the group has been working hard to target crypto investors and their wallets. The organization has also worked in tandem with other crypto hacking groups such as Black Alicanto, Stardust Chollima, and COPERNICIUM with the goal of having all digital funds it steals funneled to those in power in North Korea.
News of TA444 came about in a new report published by cybersecurity firm Proofpoint Inc. What makes the organization frightening is that while stealing crypto assets is nothing new for the nation, TA444 utilizes a wide array of payment-garnering methods than what has previously been seen out of North Korea.
The group has been known to attract victims by posting fake job advertisements and salary adjustments from big-name companies. In addition, the group has also utilized blockchain-related lures. Greg Lesnewich – senior threat researcher at Proofpoint – explained in a recent interview:
With a startup mentality and a passion for cryptocurrency, TA444 spearheads North Korea’s cashflow generation for the regime by bringing in launderable funds. This threat actor rapidly ideates new attack methods while embracing social media as part of their MO.
He also stated that TA444 has taken “its focus on cryptocurrencies to a new level and has taken to mimicking the cybercrime ecosystem by testing a variety of infection chains to help expand its revenue streams.”
A Long History of Illicit Activity
North Korea is a nation that has long been sanctioned by the United States and its allies. This has barred it from doing business with other countries the way standard regions would. It has also been cut off from exports and important financial services as a result of the sanctions. Thus, it has turned to crypto to garner the items it needs to remain functional.
It is estimated that North Korea has stolen crypto from a wide array of countries including several in Asia, North America, and Europe. Overall, the dictatorship has made off with billions in digital assets that it’s consistently utilized to ensure its nuclear program always stays in play.
Source: https://www.livebitcoinnews.com/ta444-is-a-new-crypto-hacking-group-in-north-korea/