Japanese authorities warn of N.Korean hacker attacks on cryptoassets

Japanese authorities have warned that a hacking group believed to be part of the North Korean government is targeting cryptoasset businesses in Japan.

National Public Safety Commission Chairperson Tani Koichi said on Friday that the authorities found that a North Korean government branch, Lazarus, conducted cyberattacks targeting Japanese cryptoasset businesses and others.

He said the National Police Agency, the Financial Services Agency and the National Center of Incident Readiness and Strategy for Cybersecurity issued a joint warning about Lazarus.

The authorities say the group steals digital assets using a technique known as social engineering.

The method includes sending fake emails to employees of target companies by pretending to be the firms' executives. Employees can also be contacted through fake social media accounts.

The authorities urge employees to think twice before opening attached files or clicking on URLs in emails, and to check senders' social media profiles.

Japanese authorities rarely issue alerts naming countries or hacking groups.

The US government disclosed Lazarus's tactics in an advisory issued in April.

An expert panel at the UN Security Council on sanctions against North Korea said in its interim report last week that the group is targeting cryptoasset exchanges.

The National Police Agency says Lazarus is believed to have been involved in some cyberattacks targeting companies in Japan.