Evolved North Korean Hackers: New Danger Level for the Crypto Sector
North Korean hackers intensify crypto fraud: GhostCall and GhostHire campaigns use AI and the impersonation of Web3 executives to distribute malware, an evolution of the Lazarus Group.

North Korean hackers specialising in cryptocurrency are honing a well-known scam. Previously they relied on fake job offers and investment proposals to spread malware, but their methods are becoming increasingly sophisticated.
While these attacks previously depended on victims interacting directly with infected files, closer coordination between hacker groups has now allowed them to overcome this weakness, using recycled video calls and impersonations of Web3 executives to trick targets.
According to recent reports from digital security firm Kaspersky, North Korean cybercriminals are employing new tools. BlueNoroff APT, a subgroup of the Lazarus Group (the most feared criminal organisation based in North Korea, or DPRK), has two active campaigns underway, called GhostCall and GhostHire, which share the same management infrastructure.
BlueNoroff, with its 'GhostCall' and 'GhostHire' campaigns, targets the crypto and Web3 sectors with fake calls and job offers to steal millions, according to Kaspersky.
New Tactics and Enhanced Social Engineering
In the GhostCall campaign, these North Korean hackers target Web3 executives, presenting themselves as potential investors. GhostHire, on the other hand, lures blockchain engineers with tempting job offers.
Both tactics have been in use since at least last month, but the threat is increasing. Regardless of the target, the scam is the same: the goal is to trick the victim into downloading malware, whether it is a fake 'coding challenge' or a clone of Zoom or Microsoft Teams.
Once the victim interacts with this compromised platform, the hackers can breach the victim's systems.
Kaspersky has noted a number of marginal enhancements, such as focusing on operating systems favoured by crypto developers. However, the common vulnerability of these schemes has always been the need for the victim to interact with suspicious software, which has hurt the success rate of previous scams.
To overcome this critical issue, hackers have found a new way to recycle missed opportunities by enhancing social engineering. In addition to Artificial Intelligence (AI)-generated content, they can also use hacked accounts of real entrepreneurs or snippets of real video calls to make their scams believable.
A crypto executive who breaks contact with a suspicious recruiter, for example, could see his image reused and weaponised against new victims. The use of AI allows hackers to synthesise new 'conversations' that mimic a person's tone, gestures and environment with alarming realism. Even when these scams fail, the potential damage remains severe.
Anyone approached in unusual or high-pressure circumstances should remain vigilant: never download unfamiliar software or accept requests that seem out of place.