Particle.news


FBI Seizes North Korean-Linked Domain in Crypto Malware Scheme

The Blocknovas domain, tied to North Korean hackers targeting cryptocurrency developers, has been taken down as authorities investigate related shell companies.

[Illustration: a projection of code on a hooded figure, taken May 13, 2017. REUTERS/Kacper Pempel]

Overview

  • North Korean state-sponsored hackers set up U.S.-registered shell companies, Blocknovas LLC and Softglide LLC, to target cryptocurrency developers with malware.
  • The FBI seized the Blocknovas domain, stating it had been used to post fake job offers that delivered malware built to steal cryptocurrency wallets and credentials.
  • The operation was run by a subgroup of the Lazarus Group, which operates under North Korea’s Reconnaissance General Bureau, with proceeds used to fund the regime’s nuclear and missile programs.
  • Silent Push researchers confirmed multiple victims of the campaign, with Blocknovas being the most active of the identified front companies.
  • Authorities are intensifying efforts to disrupt related operations, including investigations into Softglide and a third unregistered entity, Angeloper Agency.