According to new research, Hackers from North Korea have developed a way to steal bitcoin and other cryptocurrencies through the messaging app Telegram.
Cybersecurity specialists from Moscow-based Kaspersky Labs said the notorious Lazarus Group, a hacking collective with links to North Korea, has come up with “enhanced capabilities” in order to target individuals and organizations around the world.
The hackers lure in victims by setting up fake cryptocurrency websites, as well as fake trading groups on the Telegram app. Telegram did not respond to a request for comment.
Malicious links on the sites and groups then infect the target’s device and give attackers access to user data.
Kaspersky expert gave a report that
“Since the initial appearance of Operation AppleJeus, we can see that over time the authors have changed their modus operandi considerably,” Kaspersky researchers wrote in a report detailing the attacks. “We assume this kind of attack on cryptocurrency businesses will continue and become more sophisticated.”
“Cryptocurrency has been a consistent target of North Korean hackers in recent years, with experts saying it offers a “financial lifeline” to evade crippling economic sanctions and finance the development of nuclear weapons.”
A UN report from 2019 estimated that North Korea has earned up to $2 billion in cryptocurrency by hacking online exchanges and organizations.
This far exceeded original estimates by the UN Security Council, which claimed the country had amassed around $670m worth of bitcoin and other cryptocurrencies