North Korea ‘Luring Crypto Users With Fake Job Offers’

north korean Hackers are trying to break into crypto accounts by sending fake job offers, a security vendor has claimed.

The complaints were made in a message by point of proofa California-based security vendor, and reported by South Korean media KBS and TV Chosun.

Proofpoint claimed that a group named TA444 was behind the latest hacking drive. He called TA444 “a North Korean-sponsored advanced persistent threat group” that is “likely tasked with generating revenue for the North Korean regime.”

And the vendor claimed that while TA444 was “historically involved in targeting banks”, it has “more recently […] has turned its attention to cryptocurrency.

The vendor also claimed that TA444 “reflects” the capitalist “startup culture” in “its dedication to the dollar and the grind.”

This would have seen the group target individuals with emails that have attachments laced with malicious code that can potentially give them access to crypto wallets.

Proofpoint gave what it said were examples of this – showing screenshots of emails containing PDF attachments referring to “salary adjustments”.

North Korean hackers take part in ‘large-scale’ crypto attack

Similar records apparently offering paid employment are also common, the security firm added.

He stated:

“A444 has a comprehensive marketing strategy to increase its chances of new […] returned. It starts with creating lure content. These may include cryptocurrency blockchain scans, job opportunities at prestigious companies, or salary adjustments.

And, he added, TA444 launched a “large-scale phishing attack” that targets the financial, education, government and healthcare sectors in the United States and Canada.

The group reportedly began stepping up its offensive last December. And he also allegedly targeted potential victims on social media platforms like LinkedIn.

While reports of TA444’s involvement are a relatively new development, security experts have been accusing North Korea of ​​similar tactics since at least 2020. They claim that groups such as Lazarus have attempted to lure individuals with complex phishing attacks that use “fake” LinkedIn accounts.

TVChosun quoted Hong Min, the head of the North Korean research office at the South Korean Institute for National Unification, as saying “the easiest and most sustainable method [way for North Korea to raise funds] is hacking and stealing funds through the internet.”