A June 13 threat intelligence report from Google Cloud exposed an alarming wave of cyberattacks by North Korean hackers targeting cryptocurrency exchanges, fintech companies, and individuals in Brazil.
The report identifies the notorious North Korean hacking group Pukchong (also known as UNC4899) as the culprit behind the recent attacks.
Cybercriminals use a sinister tactic to lure unsuspecting victims into downloading malicious software disguised as a crypto price tracker. The malware gives the attackers control over the victim’s system and enables the retrieval of additional harmful payloads.
Brazil's digital infrastructure faces threats beyond traditional ransomware.
Our new blog post combines Google TAG and Mandiant expertise to analyze Brazil’s unique threat landscape.
Read now: https://t.co/V2Nb3M80sJ#Cybersecurity #CyberEspionage #Ransomware #Brazil pic.twitter.com/zSbroB8VvN
— Mandiant (part of Google Cloud) (@Mandiant) June 12, 2024
According to Google threat intelligence, North Korean groups have targeted Brazil’s cryptocurrency firms and aerospace, defense, and government entities. In contrast, Chinese government-backed cybercriminals focus on targeting government organizations and the energy sector in the South American nation.
In addition to Pukchong, other North Korean hacking groups, such as GoPix and URSA, were also found to be actively targeting Brazilian cryptocurrency firms using similar malware attacks.
This discovery came amid critical concerns over the security of cryptocurrency wallets and exchanges, which are constantly being attacked by hackers.
On April 15, Trust Wallet warned about a zero-day exploit targeting iOS users. The crypto wallet provider disclosed that the flaw could allow hackers to gain
Read more on cryptonews.com