Attacks against organizations and individuals in the Web3 and cryptocurrency sectors have been deployed by several North Korean state-backed threat operations in a bid to finance the country's weapons programs and other initiatives, The Hacker News reports.
Aside from UNC1069, UNC4899, and UNC5342 that targeted cryptocurrency and blockchain developers focused on Web3 projects with social engineering and fake job lures, UNC4736 has also launched a software supply chain attack against the blockchain industry, according to research from Mandiant. Moreover, UNC3782 exfiltrated over $137 million from TRON cryptocurrency users two years ago while UNC5267 engaged in IT worker campaigns. Such findings come as Palo Alto Networks Unit 42 reported on North Korean IT workers' exploitation of real-time deepfake technology alongside compromised identities in job-related scams. Deepfake not only allows threat actors to undergo multiple interviews under different personas but also helps further conceal malicious activity, said Palo Alto Networks Unit 42 researcher Evan Gordenker.
Aside from UNC1069, UNC4899, and UNC5342 that targeted cryptocurrency and blockchain developers focused on Web3 projects with social engineering and fake job lures, UNC4736 has also launched a software supply chain attack against the blockchain industry, according to research from Mandiant. Moreover, UNC3782 exfiltrated over $137 million from TRON cryptocurrency users two years ago while UNC5267 engaged in IT worker campaigns. Such findings come as Palo Alto Networks Unit 42 reported on North Korean IT workers' exploitation of real-time deepfake technology alongside compromised identities in job-related scams. Deepfake not only allows threat actors to undergo multiple interviews under different personas but also helps further conceal malicious activity, said Palo Alto Networks Unit 42 researcher Evan Gordenker.
