Federal agencies issue joint advisory on crypto cyber threats


A trio of federal agencies on Monday issued a joint advisory on the growing risk of cyber threats involving cryptocurrency from a North Korean group. 

The FBI, the Cybersecurity and Infrastructure Security Agency, and the Department of the Treasury highlighted the tactics used by a North Korean state-sponsored advanced persistent threat (APT) group. 

The agencies said the APT group targeted various organizations in the cryptocurrency industry such as play-to-earn crypto video games, crypto trading companies and individual holders of valuable non-fungible tokens, often referred to as NFTs. 

The cyber actors used a variety of communication platforms to target victims, encouraging them to download trojanized cryptocurrency applications through their devices, the agencies said. The group used the fake applications to gain access to the user’s network, stealing private keys or exploiting other security gaps, according to the advisory. 

“This advisory provides information on tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to stakeholders in the blockchain technology and cryptocurrency industry to help them identify and mitigate cyber threats against cryptocurrency” the agencies said in a statement. 

The latest advisory comes as the FBI said that North Korean hackers are responsible for stealing up to $620 million in cryptocurrency last month from Axie Infinity, a virtual video game that uses NFTs. 

“The FBI continues to combat malicious cyber activity including the threat posed by the Democratic People’s Republic of Korea to the U.S. and our private sector partners,” the FBI said in a statement on Thursday. “Through our investigation we were able to confirm Lazarus Group and APT38, cyber actors associated with the DPRK, are responsible for the theft of $620 million in Ethereum reported on March 29.”

The Treasury Department has also sanctioned the Lazarus Group as an investigation into the reported crime is ongoing. 

Tags CISA CISA cryptocurrency Cryptocurrency Cybersecurity and Infrastructure Security Agency FBI FBI Federal Bureau of Investigation NFTs Non-fungible token North Korea U.S. Department of Treasury

The Hill has removed its comment section, as there are many other forums for readers to participate in the conversation. We invite you to join the discussion on Facebook and Twitter.

See all Hill.TV See all Video

Most Popular

Load more


See all Video