Blog

Today, the FBI issued a warning to cryptocurrency companies and individuals holding cryptocurrencies about social engineering attacks attributed to North Korea.

The U.S. law enforcement agency advises against storing information about crypto wallets on internet-connected devices. The “malicious cyber actors” pose as recruitment agencies or tech companies and attempt to trick employees of crypto companies into executing malware. Once installed, the attackers use this malware to steal cryptocurrencies.

The FBI recommends developing unique methods for verifying the identity of a contact using a separate, unlinked communication platform. Additionally, it is advised not to store information about crypto wallets, such as login details, passwords, wallet IDs, seed phrases, and private keys, on internet-connected devices.

Companies with access to large amounts of cryptocurrency are advised to block the downloading and execution of files through whitelisting and to disable the automatic opening of email attachments.

In the event that employees or organizations suspect they have fallen victim to social engineering, it is recommended to disconnect from the internet immediately, but keep the computer powered on, as this may aid in the investigation.

Read the FBI’s ic3 article for more information.