Over the past several years, there were numerous crypto-related cyber attacks occurred in Japan, and they were unable to find the group behind all this. Now, Japan’s national police have found that North Korea’s Lazarus was behind all those crypto hacks.
According to Japan’s government, Lazarus Group used a phishing mode of attack in crypto hacks. It is believed that the group has currently focused more on crypto funds lately. Given these crypto hacks, Japan’s National Police Agency and Financial Services Agency have warned the country’s crypto-asset businesses.
On the 14th of October, in a public advisory statement, Japan’s NPA and FSA warned the country’s crypto-asset businesses and asked them to stay careful of phishing attacks by the hacking group aimed at stealing crypto assets. It was a public attribution and was the fifth time in history that the government had issued such a warning.
In the statement, it said that the group sends phishing emails to employees impersonating executives of the target company through social networking sites with false accounts, pretending to conduct business transactions. The group then uses the malware as a foothold to gain access to that employee’s network.
Japan’s NSA and FSA urged the crypto-asset companies to keep their private keys in an offline environment. They also suggested not opening email attachments or hyperlinks carelessly. Moreover, they suggested not downloading cryptographic asset files from sources other than those whose authenticity can be verified.
NPA also suggested installing security software by implementing multi-factor authentication and strengthening identity authentication mechanisms. They also suggested not using the same password for multiple devices or services. NPA confirmed that numerous of these crypto hacks had been successfully carried out but did not disclose any specific details.
Katsuyuki Okamoto, from the multinational IT firm Trend Micro, also indicated upcoming cyber attacks. He told to Yomiuri Shimbun that Lazarus initially targeted banks in various countries, but recently it has been aiming at crypto assets that are managed more loosely.