North Korean crypto hackers can affect several crypto sectors including virtual digital assets, decentralised finance (DeFi), and crypto ETFs.
The FBI has listed measures that crypto firms can take to increase safety of their platforms
Photo Credit: Pexels/ Sora Shimazaki
The US Federal Bureau of Investigation (FBI) has warned crypto investors about the increasing danger posed by sophisticated North Korean hackers. The aim of these cybercriminals, according to the US investigative agency, is to steal hefty crypto reserves from firms that are operating services related to digital assets. These hack attacks have been described as highly tailored social engineering campaigns that are tough to detect. The agency had issued a similar warning in March, when it observed a rise in crypto investment scams.
The danger of North Korean crypto hackers is persistent across all firms operating across the verticals of virtual digital assets, decentralised finance (DeFi), and crypto-related exchange traded funds (ETFs). “Before initiating contact, the actors scout prospective victims by reviewing social media activity, particularly on professional networking or employment-related platforms,” the FBI said, adding that hackers are using tactics like convincing impersonation tricks, creating fake scenarios, and conducting pre-operational research before chalking out roadmaps to deploying the hacks.
The FBI has listed a number of ways, that crypto-related companies can keep their platforms safe from North Korean hackers. These include the creation of personal, unique mechanisms of verification – that could filter out suspicious contactors.
“Do not store information about cryptocurrency wallets — logins, passwords, wallet IDs, seed phrases, private keys, etc. — on Internet-connected devices. Avoid taking pre-employment tests or executing code on company owned laptops or devices,” the FBI warns.
Enabling multi-factor authentication (MFA), establishing regular rotations of security checks, limiting access to internal network-related documentation, and funnelling business-related communication have also been listed by the FBI as safety measures that Web3 firms are incorporate in their operations.
“If you suspect you or your company have been impacted by a social engineering campaign, disconnect the impacted device or devices from the Internet immediately. Leave impacted devices powered on to avoid the possibility of losing access to recoverable malware artifacts,” the law enforcement agency added, also suggesting immediate reporting of such suspicions.
Interestingly, this announcement from the FBI follows a major breach of Indian exchange WazirX last month, which was reportedly executed by North Korea's infamous Lazarus Group of hackers. The attack led to the theft of $230 million (roughly Rs. 1,900 crore) from WazirX reserves.
In a recent conversation with Gadgets 360, WazirX co-founder Nischal Shetty said, “most of the research community says that the pattern matches with Lazarus group. We've got, like, one of the best researchers in the industry, saying that the pattern exactly matches. We got some credible information that, you know, that's a possibility.”
Catch the latest from the Consumer Electronics Show on Gadgets 360, at our CES 2026 hub.