On October 14, the Japanese authorities officially reported the criminal group’s growing activity. Usually, authorities refrain from making public comments before arresting cyber criminals. In this case, however, the National Police Department and the Financial Services Agency issued joint statements warning local crypto companies of possible attacks. These tactics are expected to increase the vigilance of businesses, and their employees, as well as prevent possible future attacks.
According to Japanese police, Lazarus hackers pretended to be executives of crypto companies and sent phishing emails to their employees. They also contacted them on social networks and persuaded people to download malware. This allowed culprits to hack internal corporate systems and steal crypto assets.
After some crypto exchanges claimed they were hit with cyberattacks, the Cyber Threat Task Force tackled the agenda. The Lazarus group is blamed to be behind the hacks. The hackers are believed to be controlled by the Reconnaissance General Bureau, North Korea’s intelligence service.
Lazarus hackers have been accused of recent high-profile cyberattacks, including the Horizon Bridge and Ronin Bridge hacks worth more than $750 million. Additionally, Japanese police argue that the Lazarus group stole crypto assets from the Zaif and Bitpoint Japan exchanges in 2018 and 2019.
The official warning from Japanese authorities encourages crypto businesses to improve cybersecurity awareness among their employees. Specifically, they recommend being cautious about emails, links, and software downloads.