Bitcoin is silver, compromise is gold: Emerging North Korea-based threat actors on the hunt for cryptocurrency
Contents
Bitcoin is silver, compromise is gold: Emerging North Korea-based threat actors on the hunt for cryptocurrency
From cyber heists to ATM cashouts, North Korea-based threat actors follow the money wherever it goes. They are adept at scouting and exploiting emerging opportunities, as their long-standing focus on cryptocurrency theft demonstrates.
This presentation places centre-stage two emerging North Korea-based threat actors hunting for crypto: internally, PwC actively tracks these groups as Black Alicanto (a.k.a. DangerousPassword, CryptoCore, CryptoMimic, LeeryTurtle) and Black Dev 2. While Black Alicanto is more well-known, there has been little information in open source about Black Dev 2, and its continuing campaign “Operation Gold Hunting” – this presentation aims to address that.
In the session, Sveva will analyse the spearphishing themes of these two threat actors and their overall tools, techniques, and procedures. Sveva will also discuss the geographic span of their targeting; how their focus has broadened, from cryptocurrency wallets heists, to …
From cyber heists to ATM cashouts, North Korea-based threat actors follow the money wherever it goes. They are adept at scouting and exploiting emerging opportunities, as their long-standing focus on cryptocurrency theft demonstrates.
This presentation places centre-stage two emerging North Korea-based threat actors hunting for crypto: internally, PwC actively tracks these groups as Black Alicanto (a.k.a. DangerousPassword, CryptoCore, CryptoMimic, LeeryTurtle) and Black Dev 2. While Black Alicanto is more well-known, there has been little information in open source about Black Dev 2, and its continuing campaign “Operation Gold Hunting” – this presentation aims to address that.
In the session, Sveva will analyse the spearphishing themes of these two threat actors and their overall tools, techniques, and procedures. Sveva will also discuss the geographic span of their targeting; how their focus has broadened, from cryptocurrency wallets heists, to …