North Korean Hackers Target Crypto Devs with Fake U.S. Businesses

North Korean hackers have been actively targeting cryptocurrency developers through sophisticated phishing campaigns, using fake U.S. companies as a front. These operations involve creating shell corporations to offer job interviews, ultimately compromising crypto wallets with malware.
Two such fake firms, Blocknovas LLC and Softglide LLC, were established in New Mexico and New York, violating Office of Foreign Assets Control (OFAC) and UN sanctions. A third entity, Angeloper Agency, has also been linked to the campaign. The FBI has seized the website for Blocknovas, citing its use by North Korean cyber actors to deceive individuals with fake job postings and distribute malware.
These attacks involve fake personas offering job interviews, followed by "sophisticated malware deployments" designed to compromise cryptocurrency wallets, gain passwords, and steal credentials. Cybersecurity firm Silent Push identified these fake companies as being under the control of a hacker subgroup within North Korea's Lazarus Group, which is part of the Reconnaissance General Bureau, Pyongyang's main foreign intelligence agency. The Blocknovas front has been the most active of the two identified companies.
This activity is part of a broader pattern of North Korean cyber operations. The Lazarus Group, responsible for a $1.4 billion hack of crypto exchange Bybit in February, is expanding into phishing campaigns targeting the crypto industry. Recent incidents include a phishing attempt targeting Manta co-founder Kenny Li, using a fake Zoom call to distribute malware.
Furthermore, a Google Threat Intelligence Group (GTIG) report revealed that North Korean IT workers are infiltrating teams across the U.S., UK, Germany, and Serbia, using fake resumes and forged documents to pose as legitimate developers. The FBI is focused on imposing risks and consequences on both the DPRK actors and those facilitating their schemes.