North Korean cryptocurrency hackers expand target list

Researchers at the cybersecurity firm Proofpoint observed in early December a massive wave of phishing emails from a cluster of North Korea-related hacking activity linked to TA444, the firm’s name for the group. TA444 has overlapped with Lazarus, a group of North Korean hackers to which the FBI attributed a record $600 million dollar cryptocurrency attack on Ronin Bridge, the infrastructure that connected the Axie Infinity video game with the Ethereum blockchain. Technically, it deviates from the group’s previous activity in that the hackers focused on trying to steal the target’s login and passwords rather than a direct deployment of malware.