North Korean cyber operatives reportedly set up two fraudulent businesses in the United States, evading Treasury sanctions to infect cryptocurrency developers with malware. The entities, Blocknovas LLC and Softglide LLC, were registered in New Mexico and New York using fabricated identities and addresses.
According to a Reuters report that cites researchers at U.S. cybersecurity firm Silent Push, a third entity, Angeloper Agency, is also linked to the campaign, but its registration status remains unclear.
“This is a rare example of North Korean hackers successfully establishing legal corporate entities in the U.S. to create fronts for attacking unsuspecting job applicants,” said Kasey Best, Silent Push’s director of threat intelligence.
Silent Push’s investigation reportedly connects the hackers to a subgroup of the Lazarus Group, an alleged elite North Korean cyber team linked to Pyongyang’s Reconnaissance General Bureau. While the FBI did not comment directly on Blocknovas or Softglide, a seizure notice appeared Thursday on Blocknovas’ website. The agency stated that North Korean cyber actors had used the domain to post fake job listings and distribute malware.
According to FBI officials quoted in the report, the law enforcement agency is committed to imposing consequences on both North Korean actors and their enablers. Still, one unnamed official described North Korea’s cyber operations as “one of the most advanced persistent threats” facing the U.S.
According to the report, North Korea’s mission to the United Nations in New York did not respond to requests for comment.
“These attacks use fake personas offering job interviews, leading to malware deployments that compromise developers’ cryptocurrency wallets and credentials,” Best said.
North Korea continues targeting the cryptocurrency sector to generate illicit funds for its regime. Its hackers are widely believed to be behind the Bybit hack that saw the cryptocurrency exchange lose digital assets valued at approximately $1.5 billion.
The U.S., South Korea, and the United Nations previously reported that Pyongyang deployed thousands of IT workers, mostly overseas, raising millions to fund its nuclear missile program. However, the establishment of businesses inside the U.S. is seen as a troubling escalation.