The activities of hacker groups in North Korea are supported on a national level. Their tactics are difficult to recognise - they can fool even people with high technical knowledge. To avoid such threats, the FBI recommends that companies stop storing coins using internet-connected devices and create secure systems to verify the individuals working on their staff.

In essence, this means using the hardware wallets we’re familiar with: devices that are not directly connected to the Internet. In the case of Ledger wallets, private keys are stored on special isolated chips.

Ledger Flex hardware cryptocurrency wallet

One advantage of such devices is that each transaction must be confirmed manually, which significantly reduces the risk of successful online attacks. In addition, the screens in such devices are connected to the aforementioned chip and do not interact with the outside world.

Thanks to this, they show the real addresses to which the transfer will be made. Thus, the owner of the device is also protected from the effects of viruses that can substitute data on the screens of smartphones, laptops and other devices with an Internet connection.

Danger of hackers for crypto investors

The actions of cybercriminals pose a constant threat to the crypto industry. Moreover, the agency notes that hackers are improving their methods. Here is a quote on the matter, as cited by The Block.

Over the past few months, North Korean attackers have been researching various targets related to cryptocurrency exchange-traded funds (ETFs). These included preparations to suggest that hackers might attempt to carry out malicious acts against companies associated with ETFs or other cryptocurrency-based financial products.

The primary targets of North Korean hackers

In addition to researching potential targets, North Korean cybercriminals impersonated members of management at their victims' companies.

On top of that, they concocted fake scenarios that matched the victim’s background, skills, or business interests to gain and exploit their trust.

Amounts of funds stolen by North Korean hackers

Other tactics used include getting the victim to download an app on a device connected to the company’s network. A seemingly innocuous software package contains malicious code that allows criminals to find and exploit vulnerabilities in a company’s defences.

To avoid such threats, the FBI recommends that companies stop storing private keys on cryptocurrency wallets with a permanent connection to the Internet, so-called hot wallets.

In general, this is a basic security rule for all users of digital assets – including beginners. The advantage of cold wallets is their isolation from the internet, so hackers cannot remotely extract the private key and gain access to the coins.

Ledger Stax hardware wallet

Companies should also pay more attention to the data access systems for their employees. After all, major problems sometimes arise from an attack on a large company’s rank-and-file employees rather than its management.

According to sources, hackers are not the only problem for the crypto industry. The Securities and Exchange Commission (SEC) continues to create difficulties for companies within it.

Last night, it was reported that the regulator filed charges against crypto company Galois Capital and subsequently settled with it over how it stored client assets. According to SEC spokesman Corey Schuster, the charges involved a private fund that primarily invested in cryptocurrencies. Here is his comment.

Galois Capital failed to comply with custodian regulations and exposed investors to the risk of losing fund assets and crypto assets among other things, misusing them or misappropriating them. We will continue to hold advisers who violate their core obligations to protect investors accountable.

Former FTX crypto exchange chief executive Sam Bankman-Fried

Since July 2022, Galois Capital had failed to ensure that certain cryptocurrencies owned by a fund it advised were “held by a qualified custodian.” For example, Galois held some assets on crypto platforms, including FTX, and the platform in question was not on the list of qualified custodians.

The company was hit hard by the collapse of FTX in November 2022. The collapse of the exchange resulted in the loss of billions of dollars in customer funds, as well as the arrest of its former head Sam Bankman-Fried. The latter was later sentenced to a 25-year prison term.

There is some irony here, because it was the SEC itself that failed to protect investors from the collapse of the trading platform. FTX's management misused users' funds for a long period of time, and SEC Chairman Gary Gensler had also met with Sam Bankman-Fried.

Sam Bankman-Fried is the former head of crypto exchange FTX

According to the SEC, about half of the fund’s assets under management were lost within weeks in November 2022 after the collapse of FTX. Galois then closed in February 2023.

The company neither admitted nor denied the regulator’s findings, and agreed to cease and desist from future violations. It will also pay $225,000 in fines.


Overall, hackers continue to be a serious threat to the digital asset industry. In this situation, we have to hope that the coin storage infrastructure of the Coinbase exchange excludes the possibility of remote hacking. As a reminder, this platform acts as the main custodian for many issuers of spot cryptocurrency ETFs, i.e. it is responsible for storing the crypto underlying their instruments.