North Korean Hackers Target Brazilian Crypto Firms: Report
A June 13 threat intelligence report from Google Cloud exposed an alarming wave of cyberattacks by North Korean hackers targeting cryptocurrency exchanges, fintech companies, and individuals in Brazil.
The report identifies the notorious North Korean hacking group Pukchong (also known as UNC4899) as the culprit behind the recent attacks.
North Korea Hackers Running Coordinated Attacks?
Cybercriminals use a sinister tactic to lure unsuspecting victims into downloading malicious software disguised as a crypto price tracker. The malware gives the attackers control over the victim’s system and enables the retrieval of additional harmful payloads.
According to Google threat intelligence , North Korean groups have targeted Brazil’s cryptocurrency firms and aerospace, defense, and government entities. In contrast, Chinese government-backed cybercriminals focus on targeting government organizations and the energy sector in the South American nation.
Source: Google Cloud ReportIn addition to Pukchong, other North Korean hacking groups, such as GoPix and URSA, were also found to be actively targeting Brazilian cryptocurrency firms using similar malware attacks.
Brazil’s Digital Boom Under Cyber Attack
This discovery came amid critical concerns over the security of cryptocurrency wallets and exchanges, which are constantly being attacked by hackers.
On April 15, Trust Wallet warned about a zero-day exploit targeting iOS users. The crypto wallet provider disclosed that the flaw could allow hackers to gain unauthorized access to users’ data.
While no victim was reported then, Trust Wallet advised users to disable iPhone iMessage until Apple fixes the gap.
Also, in May 2024, cybersecurity firm Kaspersky uncovered that the North Korean hacking group Kimsuky deployed malware targeting South Korean crypto firms. The malware named “Durian” enables the execution of delivered commands, additional file downloads, and exfiltration of sensitive files.
Google’s threat analysis warned that Brazil is vulnerable to cyber threats from local and foreign threat actors. As the country’s digital payment market booms, its thriving economy makes it a rewarding target for the digital underworld.
Notably, ransomware groups that had previously focused on North America and Europe have now set their sights on the Latin American country.
RansomHub, a ransomware-as-a-service gang, has even identified Brazil as its second most-targeted country on its leak site, underscoring the growing threat to its digital landscape.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
Tether Expands USDT Reserves, Issuing 1 Billion New Tokens
Alibaba’s newest AI model QwQ-32B-Preview outshines OpenAI’s o1 in some benchmarks
Share link:In this post: Alibaba’s model surpassed OpenAI in benchmarks like AIME and MATH. The model could be a step towards reasoning AI. However, the model has its limitations too.
HYPE token surges 63% after a billion-dollar airdrop
Share link:In this post: HYPE token value has risen by 60% in 12 hours following recent airdrops. Airdrops are meant to promote new tokens or to appreciate early adopters. Hyperliquid’s airdrop is the largest in the history of the DeFi protocol.
Celebrating two years of ChatGPT: how far it has come!