A hacker group uses phishing attacks to attack Japanese cryptocurrencies.
The attacks were carried out using phishing and social engineering techniques, Japan News (local media) reported.
Lazarus hackers allegedly contacted target companies by posing cryptocurrency executives in emails and social media.
Once they established contact with a victim, they infected the company's computer systems with malware. After that, crypto was already in the hands of scammers, and they safely escaped after the crime (well, it's a bit easier to escape online than offline :D).
The joint statement also contained some general security recommendations: potential victims were advised to keep their private keys offline and to be careful when opening emails and hyperlinks.
It also said that such attacks were almost massive, but no amounts or total losses were named.
So, come on, don't be lazy and take care of your security, don't repeat passwords on different services, have left email and logins for registrations on other and/or unverified resources, and do not abusive projects from the central purse, and do not sign contracts from the main bag on left sites.