"Blockchain Warning: Hackers Are Targeting Developers and DevOps Teams"

The US Homeland Security Department's Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the US Treasury Department have issued a joint cybersecurity advisory warning all businesses in cryptocurrency to be on the lookout for attacks launched by North Korean state-sponsored hackers. These hackers have been using phishing, malware, and exploits to steal funds and initiate fraudulent blockchain transactions. The joint alert mostly pertains to the work of the North Korean state-backed hacking group Lazarus, also known as APT38. According to the FBI, Lazarus hackers have targeted firms, entities, and exchanges in the blockchain and cryptocurrency industry using spear phishing campaigns and malware to steal cryptocurrency. These actors are expected to continue abusing the vulnerabilities of cryptocurrency technology firms, gaming companies, and exchanges to generate funds in support of the North Korean regime. Lazarus attacks typically start with spear phishing messages targeting cryptocurrency firm employees in system administration, software development/IT operations, or DevOps roles. The messages often appear to be a recruitment effort offering high-paying jobs to lure recipients into downloading malware-infected cryptocurrency applications. The malware-laced version of several cryptocurrency applications has been dubbed TraderTraitor by the FBI. This article continues to discuss the US government's warning of the new tools and tactics used by North Korea's Lazarus APT group. 

ZDNet reports "Blockchain Warning: Hackers Are Targeting Developers and DevOps Teams"