North Korean hackers Lazarus Group uses US shell companies to recruit crypto developers

Odaily News According to a research report by Silent Push, a sub-team of the North Korean cyber espionage Lazarus Group registered two companies, Blocknovas LLC and Softglide LLC, under false identities in New Mexico and New York, USA, and tricked cryptocurrency developers into downloading malware by posting fake job invitations, thereby stealing wallet credentials and implanting tools needed for subsequent attacks. The FBI has seized the Blocknovas domain name, saying it was used to post fake recruitment information and distribute malware. Kasey Best, director of intelligence at Silent Push, said that such attacks not only target developer wallets, but can also use stolen credentials to further infiltrate legitimate corporate networks. The report pointed out that this method of establishing an entity in the United States to circumvent sanctions violates the sanctions imposed by the US Treasury Department and the United Nations on North Korea. (Reuters)