North Korean hackers are exploiting fake IT job offers to gain access to cloud systems and steal millions in cryptocurrency, as reported by Google Cloud and the security firm Wiz. The hacking group, UNC4899, has successfully breached crypto firms by luring employees through social media, leading to malware infections that facilitate unauthorized access. This year's operations have resulted in an estimated $1.6 billion in stolen cryptocurrency. An evolution of tactics since 2020, the TraderTraitor campaign targets crypto companies, leveraging advanced technology and AI to craft convincing job solicitations. Their exploits primarily affect cloud technologies, which are particularly vulnerable in the crypto sector, as many emerging companies rely heavily on these systems for their infrastructure. Experts highlight that these groups, possibly numbering in the thousands, receive significant resources from North Korea, continuing to adapt and innovate their hacking strategies, making them a formidable force in cybercrime.

Source 🔗