Disclaimer: The opinions expressed by our writers are their own and do not represent the views of U.Today. The financial and market information provided on U.Today is intended for informational purposes only. U.Today is not liable for any financial losses incurred while trading cryptocurrencies. Conduct your own research by contacting financial experts before making any investment decisions. We believe that all content is accurate as of the date of publication, but certain offers mentioned may no longer be available.
Changpeng Zhao, also known as CZ, has taken to his X account to publish a vital security warning for the crypto community.
CZ revealed in detail how these seasoned hackers work, warning the community to stay secure and avoid falling for their digital traps.
CZ's warning about NK hackers
In his tweet, CZ reminded the crypto audience on X that North Korean hackers are difficult to deal with since they are “advanced, creative, and patient.” Zhao says that what he says in his tweet comes from both his personal experience and what he has heard about those cyber criminals, as he revealed the methods those hackers use to gain access to users’ personal data and crypto on exchanges and personal wallets.
Their methods
The first method they used is posing as job candidates seeking a position in a victim’s company. They thereby get their foot in the door. They usually prefer to apply for roles as developers or in positions related to the finance or cybersecurity spheres.
The second method is that they pretend to be employers who are trying to interview victims or make an offer to employees. While conducting an “interview,” they pretend they have a problem with Zoom and offer to click on a link to download an “update.” This link usually contains a virus that helps them to gain control over the future victim’s device. Another option here is that they give a person a coding question and then send some “sample code” to them.
Another trick NK hackers love to use is posing as users having problems and sending malicious links in a letter to customer support. Those links also contain a virus.
Finally, CZ says, cyber cons can pay one's employees or bribe them or outsource vendors to let hackers access certain crucial data. CZ mentioned that, just a short while ago, a major Indian outsourcing service suffered a hacker attack. As a result, the user data of a major U.S. exchange was leaked, and users lost more than $400 million worth of their personal crypto.
CZ concluded his tweet with a warning to all crypto exchanges and wallets: “Train your employees to not download files, and screen your candidates carefully.”
Dan Burgin
Vladislav Sopov
U.Today Editorial Team