Key Highlights:
  • North Korean hackers linked to Lazarus Group set up fake companies to distribute malware to crypto developers.

  • Companies included BlockNovas LLC (New Mexico) and SoftGlide LLC (New York).

  • Attackers used fake job interviews to steal credentials and compromise wallets.

Hackers Used Fake Companies as Fronts

North Korean hackers, tied to the infamous Lazarus Group, set up two U.S.-based shell companies — BlockNovas LLC in New Mexico and SoftGlide LLC in New York — along with another entity, Angeloper Agency, to lure cryptocurrency developers, according to cybersecurity firm Silent Push. The group, known as "Contagious Interview," targeted developers with malware through fake job interview offers.

Fake Domains and AI-Generated Profiles

Researchers found domains like lianxinxiao[.]com and blocknovas[.]com tied to the campaign. The attackers used AI-generated employee profiles to legitimize the fake companies and bait victims.

Link to Major Hacks

The tactics mirror earlier operations like the Ronin Bridge hack, which led to a $625 million theft in 2021. Since 2017, Lazarus-linked operations have stolen over $3 billion worth of cryptocurrency, according to U.N. and Chainalysis estimates.

Read the full article on The Block.