Date of report
- April 2022
Affiliations
- Lazarus Group
North Korean hackers targeted cryptocurrency company employees in a phishing campaign to access systems and make fraudulent trades. Lazarus sent mass emails with job offers embedded with malicious links. When victims clicked, their devices downloaded TraderTraitor malware, which enabled the hackers to execute commands and infiltrate company networks to make fraudulent blockchain transactions.
Suspected victims
- Cryptocurrency company employees
Suspected state sponsor
- Korea (Democratic People's Republic of)
Type of incident
- Financial Theft
Target category
- Private sector
Victim government reaction
- Yes
Policy response