朝鮮的加密搶劫：貪污，NFTS和500萬美元的賞金

朝鮮黑客越來越多地針對加密貨幣和NFT項目，匯集了被盜資金以支持該政權。從詳盡的挪用公款計劃到NFT漏洞，威脅是真實的和不斷增長的。

The intersection of North Korea, cryptocurrency, and embezzlement is becoming an increasingly concerning trend. From elaborate scams targeting blockchain companies to brazen NFT heists, North Korean operatives are finding new ways to exploit the digital asset space. The latest developments paint a disturbing picture of state-sponsored cybercrime, with potentially millions of dollars being siphoned off to fund the regime's activities. And now, the FBI is offering a cool $5 million for information leading to the arrest of four men involved.

朝鮮，加密貨幣和挪用公款的交集變得越來越令人關注。從針對區塊鏈公司的精心製作的騙局到Brazen NFT搶劫，朝鮮特工正在尋找開發數字資產空間的新方法。最新的發展描繪了國家資助的網絡犯罪令人不安的圖片，可能會花費數百萬美元來資助該政權的活動。而現在，聯邦調查局（FBI）提供了一筆涼爽的500萬美元，以獲取導致逮捕四名男子的信息。

Remote Work Ruse: Embezzlement Goes High-Tech

遠程工作詭計：挪用公款高科技

In a recent case, federal prosecutors charged four North Korean nationals with running a cryptocurrency embezzlement scheme. These individuals allegedly posed as remote IT workers, using fake identities to infiltrate companies in Georgia and Serbia. Once inside, they siphoned off over $900,000 in stolen digital assets, laundering it through services like Tornado Cash (a platform previously sanctioned by the U.S. Treasury) and funneling it back to North Korea. The goal? To support weapons development and evade international sanctions. Talk about a sophisticated operation!

在最近的一個案件中，聯邦檢察官指控四名朝鮮國民採用加密貨幣挪用公款計劃。據稱，這些人以遠程IT工人的身份冒充了偽造的身份來滲透在佐治亞州和塞爾維亞的公司。進入室內後，他們將超過900,000美元的被盜數字資產抽出，通過龍捲風（Tornado Cash）（以前由美國財政部批准的平台）進行洗滌，並將其匯回朝鮮。目標？支持武器開發並逃避國際制裁。談論一個複雜的操作！

U.S. Attorney Theodore S. Hertzberg hit the nail on the head: "This is not just a long con for personal enrichment. The money stolen doesn’t go to these individuals — it funds weapons programs and other destabilizing efforts of the North Korean regime."

美國檢察官西奧多·S·赫茲伯格（Theodore S. Hertzberg）擊中了指甲：“這不僅是個人充實的長期騙局。這筆錢被盜並不是這些人 - 它為武器計劃提供了資金和朝鮮政權的其他穩定努力。”

NFTs in the Crosshairs: Pepe Gets Hacked

十字準線中的NFT：Pepe被黑客入侵

But the schemes don't stop there. Remember Pepe the Frog? Even the NFT projects linked to its creator, Matt Furie, haven't been safe. A devastating cyberattack, reportedly orchestrated by North Korean hackers, resulted in over $1 million in losses. The hackers infiltrated projects by posing as legitimate developers and gaining access to critical systems. This allowed them to mint countless NFTs, tank the floor price, and make off with a hefty sum. In one instance, an infiltrator was hired as a Chief Technology Officer – highlighting the need for better operational security.

但是這些方案並不止於此。還記得青蛙佩佩嗎？即使是與其創建者Matt Furie相關的NFT項目，也不是安全的。據報導，由朝鮮黑客精心策劃的毀滅性網絡攻擊造成了超過100萬美元的損失。黑客通過擺姿勢作為合法開發人員並獲得關鍵系統的訪問來滲透項目。這使他們能夠鑄造無數的NFT，將地板價格打倒，並以巨額資金賺錢。在一個例子中，聘請了滲透器為首席技術官 - 強調需要更好的運營安全。

Blockchain investigator ZachXBT traced these attacks back to a group linked to North Korea, likely associated with the infamous Lazarus Group. It's a stark reminder that even the meme-iest corners of the internet aren't immune to state-sponsored cybercrime.

區塊鏈的調查員Zachxbt將這些攻擊追溯到與朝鮮相關的團體，可能與臭名昭著的Lazarus集團有關。這是一個明顯的提醒，即使是互聯網的最模因角落也不能不受國家資助的網絡犯罪的影響。

What Can You Do? Vet, Verify, and Vigilance!

你能做什麼？獸醫，驗證和警惕！

The FBI and DOJ are urging companies, especially those in the cryptocurrency and tech sectors, to thoroughly vet remote employees. Red flags include resistance to video calls, frequent address changes, and even keyboard settings defaulted to Korean. Seriously, folks, it’s time to up your hiring game.

聯邦調查局和司法部正在敦促公司，尤其是加密貨幣和技術領域的公司，以徹底審查遠程員工。危險信號包括對視頻呼叫的阻力​​​​，頻繁的地址更改，甚至違約鍵盤設置為韓文。認真地說，伙計們，是時候提高您的招聘遊戲了。

As U.S. Attorney Theodore S. Hertzberg put it, "If companies that work in this space want to protect themselves, they would be wise to hire Americans and thoroughly vet all potential employees and business partners."

正如美國檢察官西奧多·S·赫茲伯格（Theodore S.

A Word of Caution

謹慎

The North Korean cyber threat is a serious one, and it's evolving rapidly. Companies need to be proactive in protecting themselves. But in the meantime, you can also help by keeping an eye out for anything suspicious and reporting it to the FBI.

朝鮮網絡威脅是一個嚴重的威脅，它正在迅速發展。公司需要主動保護自己。但是與此同時，您還可以注意任何可疑的東西，並將其報告給聯邦調查局。

In conclusion, the situation is getting pretty intense. But hey, at least we're learning about cybersecurity the hard way, right? Stay safe out there, folks!

總之，情況變得非常激烈。但是，嘿，至少我們正在學習艱難的網絡安全，對嗎？伙計們，保持安全！