According to an FBI alert, teams of North Korean malicious cyber actors are targeting specific decentralized finance or cryptocurrency-related businesses with social engineering to gain unauthorized access to the companies’ networks to deploy malware and steal cryptocurrency.
Details: The alert said North Korean cybercriminals have researched entities connected to cryptocurrency exchange-traded funds, suggesting actors may attempt malicious cyber activities against companies associated with cryptocurrency ETFs or other crypto-related financial products.
Goal: The FBI said North Korea is conducting these attacks—which have totaled $3 billion in the last several years—to fund the country’s weapons of mass destruction program.
Policy Recommendations: The Commodity Futures Trading Commission’s Technology Advisory Committee in January called on the government to address risks posed by decentralized finance, or DeFi, including its susceptibility to hacks and exploits. The International Organization of Securities Commissions previously finalized ICBA-supported recommendations calling for more consistent regulatory frameworks and oversight of DeFi across its member jurisdictions.
ICBA View: In a comment letter, ICBA said IOSCO’s recommendations will help identify and manage key risks, ensure clear and comprehensive disclosures, and foster cross-border cooperation. ICBA also urged the Financial Crimes Enforcement Network to strengthen its crypto mixer proposal to help curtail North Korea’s money laundering operations.