Japan’s Police and FSA Publish a Joint Cyber Warning to Crypto Firms, Link Attacks to Lazarus Group

According to the National Police Agency (NPA) in Japan, North Korean hackers from the crime syndicate Lazarus Group have been targeting crypto companies in the country. Local reports detail that it’s the fifth time the NPA has tied “public attribution” to the organization of North Korean cyber criminals.

Japan’s Law Enforcement and Financial Regulator Warn Against Lazarus Group Attacks

Hackers from the notorious crime syndicate Lazarus Group are reportedly targeting crypto companies in Japan, according to a recently published NPA cyber security report. Officials have applied “public attribution” to the suspects and have noted that the hackers are from North Korea and most likely members of the Lazarus gang of cyber criminals.

The NPA calls Lazarus “a subordinate organization of the North Korean authorities” and says recent cyber attacks are “targeting crypto-asset-related businesses.” Japan’s NPA also notes that law enforcement officials from the U.S. Federal Bureau of Investigation (FBI) have sent out similar warnings about Lazarus Group’s specific methods of attack.

The NPA details that the hackers send “employees phishing emails pretending to be executives of the target company,” and they also “approach employees of the target company” under the guise of a “false account.” The Japanese news organization Japan News details that this is the fifth time Japanese authorities have warned about the notorious Lazarus Group.

The report notes that the NPA has not disclosed any specific case associated with Lazarus. However, the Japan News report does say sources familiar with the matter believe Lazarus was responsible for the Zaif hack in 2018 and the Bitpoint Japan hack in 2019.

The NPA’s notice warns about engaging with suspicious phishing emails and shady characters leveraging a disguise. An executive from the information security firm Trend Micro, Katsuyuki Okamoto, says the NPA’s joint warning with the Financial Services Agency (FSA) is helpful by bringing attention to the matter.

“It’s important to engage in public attribution, as it will raise public awareness of the perpetrator’s tactics and prompt people to take measures,” Okamoto said in a statement on Saturday.

The latest notice from Japan’s NPA and FSA follows North Korea firing a ballistic missile over the country during the first week of October. The last time Pyongyang fired a missile over Japan was five years ago in 2017. Tensions between the two countries have been heightened since North Korea’s recent missile provocation over Aomori Prefecture.

Tags in this story
ballistic missile, Bitpoint hack, cyber attacks, fsa, hacking syndicate, Japan, Japanese crypto firms, Japanese Exchanges, Katsuyuki Okamoto, Lazarus Group, Lazarus Group attacks, Lazarus Group hacks, National Police Agency, north korea, NPA, pyongyang, Tensions, trend micro, Zaif hack

What do you think about Japan’s NPA and FSA warning about cyber attacks from the notorious hacking syndicate Lazarus Group? Let us know what you think about this subject in the comments section below.

Jamie Redman

Jamie Redman is the News Lead at Bitcoin.com News and a financial tech journalist living in Florida. Redman has been an active member of the cryptocurrency community since 2011. He has a passion for Bitcoin, open-source code, and decentralized applications. Since September 2015, Redman has written more than 6,000 articles for Bitcoin.com News about the disruptive protocols emerging today.




Image Credits: Shutterstock, Pixabay, Wiki Commons

Disclaimer: This article is for informational purposes only. It is not a direct offer or solicitation of an offer to buy or sell, or a recommendation or endorsement of any products, services, or companies. Bitcoin.com does not provide investment, tax, legal, or accounting advice. Neither the company nor the author is responsible, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any content, goods or services mentioned in this article.

Read disclaimer

Source