North Korean Hackers Create U.S. Shell Companies to Target Crypto Developers

North Korean hackers have registered companies in New York and New Mexico to compromise crypto developers, according to security firm Silent Push.

  • Two businesses, Blocknovas and Softglide, were created with fictitious identities.
  • This operation is linked to a faction of the Lazarus Group.
  • The hacking unit has stolen billions in cryptocurrency using advanced techniques.
  • Hackers set up legal corporate entities in the U.S. to deceive job applicants.
  • They used fake profiles and job postings to lure victims into downloading malware.
  • Blocknovas was identified as the most active front company. Its listed address is an empty lot.
  • Silent Push found that the malware includes three strains associated with North Korean cyber units.
  • The FBI has seized the Blocknovas domain due to its involvement in distributing malware through fake job postings.