Illegal Cryptocurrency Scheme Rewards $20,000 Monthly for 'Vishing' Frauds Underground

In the world of cryptocurrency, a new threat has emerged that is causing concern among industry leaders. A recent report by GK8 has revealed that North Korean operatives have infiltrated crypto firms by creating fake companies and using deepfakes during job interviews.

The attacks, known as "vishing" campaigns, are highly targeted and personalized, focusing on high-value crypto executives and professionals with privileged access. These executives, including senior legal officers, engineers, financial controllers, and CTOs, have a minimum net worth of approximately $500,000.

The threat actors behind these operations have a reputation on underground forums, as confirmed by GK8 researchers. They possess curated datasets of executive personal information and are increasingly using deepfake voices and video, as well as Real-time AI-driven attacks.

The attacks use sophisticated infrastructure to bypass traditional security measures. Attackers deploy Voice over Internet Protocol systems, direct inward dialing numbers, and SMS capabilities to impersonate banks, crypto services, and government agencies.

One of the key detection methods for these attacks, according to Jimmy Su, Binance's chief security officer, is that attackers "almost always have a slow internet connection" due to translation and voice-changing technology working during calls.

The GK8 report indicates that threat actors are shifting focus from mass phishing campaigns to "quality over quantity" targeting. This means that they are specifying detailed recruitment criteria for callers, including accent preferences, gender selection, language capabilities, and availability across time zones to match specific target profiles and maximize victim engagement during peak hours.

Crypto organizations must defend against "customized social engineering attacks that exploit human vulnerabilities," according to Bekker. Bekker recommends that executives assume their personal information has already been exposed and ensure high-value transactions should not be confirmed by a single individual.

The threat is not limited to the U.S. Similar social engineering campaigns targeting crypto executives are reportedly occurring in Germany, the UK, and Australia. As these attacks become more sophisticated over the next 12-18 months, making it increasingly difficult to distinguish between fake and reality, it is crucial for the industry to stay vigilant and implement robust security measures.

Illegal Cryptocurrency Scheme Rewards $20,000 Monthly for 'Vishing' Frauds Underground