{"id":141768,"date":"2024-11-09T11:00:32","date_gmt":"2024-11-09T09:00:32","guid":{"rendered":"https:\/\/cryptodnes.bg\/en\/?p=141768"},"modified":"2024-11-08T14:58:09","modified_gmt":"2024-11-08T12:58:09","slug":"north-korean-hackers-shift-to-phishing-campaigns-targeting-crypto-firms","status":"publish","type":"post","link":"https:\/\/cryptodnes.bg\/en\/north-korean-hackers-shift-to-phishing-campaigns-targeting-crypto-firms\/","title":{"rendered":"North Korean Hackers Shift to Phishing Campaigns Targeting Crypto Firms"},"content":{"rendered":"<p>These <strong><a href=\"https:\/\/www.sentinelone.com\/labs\/bluenoroff-hidden-risk-threat-actor-targets-macs-with-fake-crypto-news-and-novel-persistence\/\" target=\"_blank\" rel=\"nofollow\">emails<\/a><\/strong>, disguised as crypto news or DeFi updates, lead to malware-laden links that bypass security features like macOS\u2019s Gatekeeper, allowing hackers to steal sensitive data.<\/p>\n<p>As the cryptocurrency sector grows, North Korean hackers are increasingly focusing on DeFi and ETF firms, using phishing and social engineering to target employees.<\/p>\n<p>The FBI has issued warnings, urging firms to strengthen security and cross-check wallet addresses.<\/p>\n<style>\n    .dark-mode .read-more {background-color: #343a40 !important;}\n<\/style>\n<div class=\"read-more pb-3 pt-3 pt-md-2 px-3 my-4 border bg-light\">\n    <h5 class=\"text-uppercase border-bottom mb-3 pb-1 d-none d-md-block\">READ MORE:<\/h5>\n    <a class=\"article row\" href=\"https:\/\/cryptodnes.bg\/en\/china-cracks-down-on-crypto-money-laundering-and-sets-legal-precedent\/\" title=\"China Cracks Down on Crypto Money Laundering and Sets Legal Precedent\">\n        <div class=\"contentRight col-4\">\n            <span class=\"imgContainer mt-0\">\n                <img decoding=\"async\" class=\"image img-defer\" src=\"https:\/\/cryptodnes.bg\/en\/wp-content\/uploads\/sites\/2\/2022\/07\/China-Launches-Blockchain-Push-Growing-Countryu2019s-Worrying-Influence-Over-Cryptocurrency-240x170.jpg\">\n            <\/span>\n        <\/div>\n        <div class=\"contentLeft col-8\">\n            <h4 class=\"title mb-0\">China Cracks Down on Crypto Money Laundering and Sets Legal Precedent<\/h4>           \n            \n        <\/div>        \n    <\/a>\n<\/div>\n<p>The Lazarus Group has also exploited privacy protocols like RailGun for crypto money laundering, prompting U.S. sanctions on services like Tornado Cash.<\/p>\n<p>Experts advise cryptocurrency firms, particularly those on macOS, to enhance security with regular malware scans and careful scrutiny of email attachments to defend against these evolving threats.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>North Korean hackers, under the BlueNoroff subgroup of the Lazarus Group, have escalated their cyberattacks, shifting from social media manipulation to targeted phishing emails in their &#8216;Hidden Risk&#8217; campaign.<\/p>\n","protected":false},"author":3,"featured_media":36796,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_lmt_disableupdate":"","_lmt_disable":"","footnotes":""},"categories":[26],"tags":[],"class_list":["post-141768","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cryptocrime"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v24.8.1 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>North Korean Hackers Shift to Phishing Campaigns Targeting Crypto Firms<\/title>\n<meta name=\"description\" content=\"North Korean hackers, under the BlueNoroff subgroup of the Lazarus Group, have escalated their cyberattacks, shifting from social...\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/cryptodnes.bg\/en\/north-korean-hackers-shift-to-phishing-campaigns-targeting-crypto-firms\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"North Korean Hackers Shift to Phishing Campaigns Targeting Crypto Firms\" \/>\n<meta property=\"og:description\" content=\"North Korean hackers, under the BlueNoroff subgroup of the Lazarus Group, have escalated their cyberattacks, shifting from social...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/cryptodnes.bg\/en\/north-korean-hackers-shift-to-phishing-campaigns-targeting-crypto-firms\/\" \/>\n<meta property=\"og:site_name\" content=\"CryptoDnes EN\" \/>\n<meta property=\"article:published_time\" content=\"2024-11-09T09:00:32+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/cryptodnes.bg\/en\/wp-content\/uploads\/sites\/2\/2022\/07\/blog-800x400-spear-phishing_1.jpeg\" \/>\n\t<meta property=\"og:image:width\" content=\"800\" \/>\n\t<meta property=\"og:image:height\" content=\"400\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Alexander Stefanov\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Alexander Stefanov\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/cryptodnes.bg\/en\/north-korean-hackers-shift-to-phishing-campaigns-targeting-crypto-firms\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/cryptodnes.bg\/en\/north-korean-hackers-shift-to-phishing-campaigns-targeting-crypto-firms\/\"},\"author\":{\"name\":\"Alexander Stefanov\",\"@id\":\"https:\/\/cryptodnes.bg\/en\/#\/schema\/person\/121029bf2ce7d5bbdab7f447d5aeebb5\"},\"headline\":\"North Korean Hackers Shift to Phishing Campaigns Targeting Crypto Firms\",\"datePublished\":\"2024-11-09T09:00:32+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/cryptodnes.bg\/en\/north-korean-hackers-shift-to-phishing-campaigns-targeting-crypto-firms\/\"},\"wordCount\":127,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/cryptodnes.bg\/en\/#organization\"},\"image\":{\"@id\":\"https:\/\/cryptodnes.bg\/en\/north-korean-hackers-shift-to-phishing-campaigns-targeting-crypto-firms\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/cryptodnes.bg\/en\/wp-content\/uploads\/sites\/2\/2022\/07\/blog-800x400-spear-phishing_1.jpeg\",\"articleSection\":[\"Crypto Crime\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/cryptodnes.bg\/en\/north-korean-hackers-shift-to-phishing-campaigns-targeting-crypto-firms\/#respond\"]}],\"copyrightYear\":\"2024\",\"copyrightHolder\":{\"@id\":\"https:\/\/cryptodnes.bg\/#organization\"}},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/cryptodnes.bg\/en\/north-korean-hackers-shift-to-phishing-campaigns-targeting-crypto-firms\/\",\"url\":\"https:\/\/cryptodnes.bg\/en\/north-korean-hackers-shift-to-phishing-campaigns-targeting-crypto-firms\/\",\"name\":\"North Korean Hackers Shift to Phishing Campaigns Targeting Crypto Firms\",\"isPartOf\":{\"@id\":\"https:\/\/cryptodnes.bg\/en\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/cryptodnes.bg\/en\/north-korean-hackers-shift-to-phishing-campaigns-targeting-crypto-firms\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/cryptodnes.bg\/en\/north-korean-hackers-shift-to-phishing-campaigns-targeting-crypto-firms\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/cryptodnes.bg\/en\/wp-content\/uploads\/sites\/2\/2022\/07\/blog-800x400-spear-phishing_1.jpeg\",\"datePublished\":\"2024-11-09T09:00:32+00:00\",\"description\":\"North Korean hackers, under the BlueNoroff subgroup of the Lazarus Group, have escalated their cyberattacks, shifting from social...\",\"breadcrumb\":{\"@id\":\"https:\/\/cryptodnes.bg\/en\/north-korean-hackers-shift-to-phishing-campaigns-targeting-crypto-firms\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/cryptodnes.bg\/en\/north-korean-hackers-shift-to-phishing-campaigns-targeting-crypto-firms\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/cryptodnes.bg\/en\/north-korean-hackers-shift-to-phishing-campaigns-targeting-crypto-firms\/#primaryimage\",\"url\":\"https:\/\/cryptodnes.bg\/en\/wp-content\/uploads\/sites\/2\/2022\/07\/blog-800x400-spear-phishing_1.jpeg\",\"contentUrl\":\"https:\/\/cryptodnes.bg\/en\/wp-content\/uploads\/sites\/2\/2022\/07\/blog-800x400-spear-phishing_1.jpeg\",\"width\":800,\"height\":400},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/cryptodnes.bg\/en\/north-korean-hackers-shift-to-phishing-campaigns-targeting-crypto-firms\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/cryptodnes.bg\/en\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"North Korean Hackers Shift to Phishing Campaigns Targeting Crypto Firms\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/cryptodnes.bg\/en\/#website\",\"url\":\"https:\/\/cryptodnes.bg\/en\/\",\"name\":\"CryptoDnes EN\",\"description\":\"Crypto News, Bitcoin Analysis and More\",\"publisher\":{\"@id\":\"https:\/\/cryptodnes.bg\/en\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/cryptodnes.bg\/en\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/cryptodnes.bg\/en\/#organization\",\"name\":\"CryptoDnes EN\",\"url\":\"https:\/\/cryptodnes.bg\/en\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/cryptodnes.bg\/en\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/cryptodnes.bg\/en\/wp-content\/uploads\/sites\/2\/2025\/04\/logo.svg\",\"contentUrl\":\"https:\/\/cryptodnes.bg\/en\/wp-content\/uploads\/sites\/2\/2025\/04\/logo.svg\",\"caption\":\"CryptoDnes EN\"},\"image\":{\"@id\":\"https:\/\/cryptodnes.bg\/en\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/cryptodnes.bg\/en\/#\/schema\/person\/121029bf2ce7d5bbdab7f447d5aeebb5\",\"name\":\"Alexander Stefanov\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/cryptodnes.bg\/en\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/6dd8585c9881c74e639b0a3d0a889929?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/6dd8585c9881c74e639b0a3d0a889929?s=96&d=mm&r=g\",\"caption\":\"Alexander Stefanov\"},\"url\":\"https:\/\/cryptodnes.bg\/en\/author\/alex100oo\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"North Korean Hackers Shift to Phishing Campaigns Targeting Crypto Firms","description":"North Korean hackers, under the BlueNoroff subgroup of the Lazarus Group, have escalated their cyberattacks, shifting from social...","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/cryptodnes.bg\/en\/north-korean-hackers-shift-to-phishing-campaigns-targeting-crypto-firms\/","og_locale":"en_US","og_type":"article","og_title":"North Korean Hackers Shift to Phishing Campaigns Targeting Crypto Firms","og_description":"North Korean hackers, under the BlueNoroff subgroup of the Lazarus Group, have escalated their cyberattacks, shifting from social...","og_url":"https:\/\/cryptodnes.bg\/en\/north-korean-hackers-shift-to-phishing-campaigns-targeting-crypto-firms\/","og_site_name":"CryptoDnes EN","article_published_time":"2024-11-09T09:00:32+00:00","og_image":[{"width":800,"height":400,"url":"https:\/\/cryptodnes.bg\/en\/wp-content\/uploads\/sites\/2\/2022\/07\/blog-800x400-spear-phishing_1.jpeg","type":"image\/jpeg"}],"author":"Alexander Stefanov","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Alexander Stefanov","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/cryptodnes.bg\/en\/north-korean-hackers-shift-to-phishing-campaigns-targeting-crypto-firms\/#article","isPartOf":{"@id":"https:\/\/cryptodnes.bg\/en\/north-korean-hackers-shift-to-phishing-campaigns-targeting-crypto-firms\/"},"author":{"name":"Alexander Stefanov","@id":"https:\/\/cryptodnes.bg\/en\/#\/schema\/person\/121029bf2ce7d5bbdab7f447d5aeebb5"},"headline":"North Korean Hackers Shift to Phishing Campaigns Targeting Crypto Firms","datePublished":"2024-11-09T09:00:32+00:00","mainEntityOfPage":{"@id":"https:\/\/cryptodnes.bg\/en\/north-korean-hackers-shift-to-phishing-campaigns-targeting-crypto-firms\/"},"wordCount":127,"commentCount":0,"publisher":{"@id":"https:\/\/cryptodnes.bg\/en\/#organization"},"image":{"@id":"https:\/\/cryptodnes.bg\/en\/north-korean-hackers-shift-to-phishing-campaigns-targeting-crypto-firms\/#primaryimage"},"thumbnailUrl":"https:\/\/cryptodnes.bg\/en\/wp-content\/uploads\/sites\/2\/2022\/07\/blog-800x400-spear-phishing_1.jpeg","articleSection":["Crypto Crime"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/cryptodnes.bg\/en\/north-korean-hackers-shift-to-phishing-campaigns-targeting-crypto-firms\/#respond"]}],"copyrightYear":"2024","copyrightHolder":{"@id":"https:\/\/cryptodnes.bg\/#organization"}},{"@type":"WebPage","@id":"https:\/\/cryptodnes.bg\/en\/north-korean-hackers-shift-to-phishing-campaigns-targeting-crypto-firms\/","url":"https:\/\/cryptodnes.bg\/en\/north-korean-hackers-shift-to-phishing-campaigns-targeting-crypto-firms\/","name":"North Korean Hackers Shift to Phishing Campaigns Targeting Crypto Firms","isPartOf":{"@id":"https:\/\/cryptodnes.bg\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/cryptodnes.bg\/en\/north-korean-hackers-shift-to-phishing-campaigns-targeting-crypto-firms\/#primaryimage"},"image":{"@id":"https:\/\/cryptodnes.bg\/en\/north-korean-hackers-shift-to-phishing-campaigns-targeting-crypto-firms\/#primaryimage"},"thumbnailUrl":"https:\/\/cryptodnes.bg\/en\/wp-content\/uploads\/sites\/2\/2022\/07\/blog-800x400-spear-phishing_1.jpeg","datePublished":"2024-11-09T09:00:32+00:00","description":"North Korean hackers, under the BlueNoroff subgroup of the Lazarus Group, have escalated their cyberattacks, shifting from social...","breadcrumb":{"@id":"https:\/\/cryptodnes.bg\/en\/north-korean-hackers-shift-to-phishing-campaigns-targeting-crypto-firms\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/cryptodnes.bg\/en\/north-korean-hackers-shift-to-phishing-campaigns-targeting-crypto-firms\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/cryptodnes.bg\/en\/north-korean-hackers-shift-to-phishing-campaigns-targeting-crypto-firms\/#primaryimage","url":"https:\/\/cryptodnes.bg\/en\/wp-content\/uploads\/sites\/2\/2022\/07\/blog-800x400-spear-phishing_1.jpeg","contentUrl":"https:\/\/cryptodnes.bg\/en\/wp-content\/uploads\/sites\/2\/2022\/07\/blog-800x400-spear-phishing_1.jpeg","width":800,"height":400},{"@type":"BreadcrumbList","@id":"https:\/\/cryptodnes.bg\/en\/north-korean-hackers-shift-to-phishing-campaigns-targeting-crypto-firms\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/cryptodnes.bg\/en\/"},{"@type":"ListItem","position":2,"name":"North Korean Hackers Shift to Phishing Campaigns Targeting Crypto Firms"}]},{"@type":"WebSite","@id":"https:\/\/cryptodnes.bg\/en\/#website","url":"https:\/\/cryptodnes.bg\/en\/","name":"CryptoDnes EN","description":"Crypto News, Bitcoin Analysis and More","publisher":{"@id":"https:\/\/cryptodnes.bg\/en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/cryptodnes.bg\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/cryptodnes.bg\/en\/#organization","name":"CryptoDnes EN","url":"https:\/\/cryptodnes.bg\/en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/cryptodnes.bg\/en\/#\/schema\/logo\/image\/","url":"https:\/\/cryptodnes.bg\/en\/wp-content\/uploads\/sites\/2\/2025\/04\/logo.svg","contentUrl":"https:\/\/cryptodnes.bg\/en\/wp-content\/uploads\/sites\/2\/2025\/04\/logo.svg","caption":"CryptoDnes EN"},"image":{"@id":"https:\/\/cryptodnes.bg\/en\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/cryptodnes.bg\/en\/#\/schema\/person\/121029bf2ce7d5bbdab7f447d5aeebb5","name":"Alexander Stefanov","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/cryptodnes.bg\/en\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/6dd8585c9881c74e639b0a3d0a889929?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/6dd8585c9881c74e639b0a3d0a889929?s=96&d=mm&r=g","caption":"Alexander Stefanov"},"url":"https:\/\/cryptodnes.bg\/en\/author\/alex100oo\/"}]}},"modified_by":"Deyan Angelov","_links":{"self":[{"href":"https:\/\/cryptodnes.bg\/en\/wp-json\/wp\/v2\/posts\/141768","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cryptodnes.bg\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cryptodnes.bg\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cryptodnes.bg\/en\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/cryptodnes.bg\/en\/wp-json\/wp\/v2\/comments?post=141768"}],"version-history":[{"count":1,"href":"https:\/\/cryptodnes.bg\/en\/wp-json\/wp\/v2\/posts\/141768\/revisions"}],"predecessor-version":[{"id":141770,"href":"https:\/\/cryptodnes.bg\/en\/wp-json\/wp\/v2\/posts\/141768\/revisions\/141770"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cryptodnes.bg\/en\/wp-json\/wp\/v2\/media\/36796"}],"wp:attachment":[{"href":"https:\/\/cryptodnes.bg\/en\/wp-json\/wp\/v2\/media?parent=141768"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cryptodnes.bg\/en\/wp-json\/wp\/v2\/categories?post=141768"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cryptodnes.bg\/en\/wp-json\/wp\/v2\/tags?post=141768"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}