
North Korean Hackers Use US Shell Companies to Target Crypto Developers
Security firm Silent Push has discovered that North Korean hackers have created fake United States-based companies as part of a campaign to target and compromise cryptocurrency developers. The operation, which is linked to the Lazarus Group, employs sophisticated tactics to deceive job applicants into downloading malware, resulting in significant data theft and potentially crippling losses.
According to reports, the North Korean-backed hackers created two US shell companies, Blocknovas and Softglide, as well as a third entity called Angeloper Agency. These front companies were used to post fake job listings on LinkedIn-style profiles, enticing cryptocurrency developers with the promise of lucrative employment opportunities.
During the recruitment process, unsuspecting victims are tricked into downloading malware disguised as job application tools. The hackers utilize AI-generated images and stolen pictures of real individuals to create convincing employee profiles, making it challenging for investigators to detect these fake profiles through reverse image searches.
The malware campaign, which has been ongoing since early 2024, appears to have successfully compromised a significant number of cryptocurrency developers. Notably, at least one victim had their MetaMask wallet compromised, highlighting the severity of this threat.
In response to the growing concern, law enforcement agencies have taken action against these North Korean cyber actors. The FBI has seized the Blocknovas domain as part of an operation aimed at disrupting the hackers’ activities.
Despite this development, Silent Push warns that Softglide and other associated infrastructure remain operational. This raises concerns about the continued effectiveness of these tactics in deceiving job seekers and compromising sensitive data.
It is essential for cryptocurrency developers to be aware of these deceptive practices and take proactive measures to protect their digital assets from these malicious attacks.
Source: https://blockonomi.com/north-korean-hackers-use-us-shell-companies-to-target-crypto-developers/