North Korea to target stimulus checks in weekend cyberattack: report

North Korea's Lazarus Group is planning a massive cyberattack this weekend. And it's coming after COVID-19 government stimulus checks, according to internet security firm Cyfirma.

By Colin Harper

2 min read

The infamous North Korean Hacking syndicate Lazarus Group may be targeting Americans who are expecting stimulus payoutsamong other beneficiaries of government stimulus from around the world.

According to a report by internet security research firm Cyfirma, Lazarus Group has devised a phishing scheme with some 5 million individuals and businesses in mind, spanning across the US, UK, Singapore, Japan, India and South Korea.

Cyfirma expects the attack to come this weekend over a two-day period and to affect small, medium and large businesses in addition to citizens.

The idea is to get these targets on the hook by impersonating a public servant or authority from their jurisdiction. If the intended victims take the bait, then they may divulge personal information that the hacking group can use to its benefit, Cyfirma explains in the post:

“The hacking campaign involved using phishing emails under the guise of local authorities in charge of dispensing government-funded Covid-19 support initiatives. These phishing emails are designed to drive recipients to fake websites where they will be deceived into divulging personal and financial information.”

Each country on the list (as with many around the world) are engaging in some form of stimulus for either its populace, business sector or both. Each scheme, Cyfirma detailed in the report, involves enticing targets with additional payouts, with the ultimate hope of teasing out more personal information from themperhaps to sell on the black market.

Cyfirma has identified the following emails as being impersonator accounts involved in the phishing plan: covid19notice@usda.gov; ccff-applications@bankofengland.co.uk; covid-support@mom.gov.sg; covid-support@mof.go.jp; ncov2019@gov.in; and fppr@korea.kr.

The Lazarus Group has become crypto’s archetypal “bad guy” hacker group. The blackhat syndicate routinely burgles cryptocurrency exchanges, particularly those in South Korea. Some figures estimate that Lazarus has filched over $550 million in cryptocurrency over the years.

Get crypto news straight to your inbox--

sign up for the Decrypt Daily below. (It’s free).

Recommended News