North Korean hackers have targeted crypto developers by creating fictitious companies in the U.S. Security firm Silent Push reported that these hackers established two fake businesses, Blocknovas and Softglide, linked to the notorious Lazarus Group. This operation involves deceptive practices such as fake job postings on platforms resembling LinkedIn to lure unsuspecting developers. During interviews, targets were tricked into downloading malware disguised as job application tools. The FBI seized the Blocknovas domain, indicating it was used to disseminate malware under the guise of job offers. Researchers noted that the malware involved was linked to past North Korean cyber operations and could steal data, provide remote system access, and facilitate further malicious activities. This scenario is unusual as it exemplifies North Korean hackers successfully establishing legal fronts in the U.S. to facilitate cyber attacks, further revealing the complexities of cybersecurity in the crypto space.

Source 🔗