According to a report by Cointelegraph, a high-ranking official at blockchain security company Cyvers said that North Korean hackers, including the Lazarus Group, may be shifting their targets to larger entities, including Bitcoin exchange-traded funds (ETFs) in the U.S.

The Lazarus Group is linked to some of the most notorious hacking incidents in the cryptocurrency space, including the Ronin cross-chain bridge hack that resulted in a loss of $6.25 billion. According to Michael Pearl, Cyvers' Vice President of GTM Strategy, the hackers may be turning their attention towards U.S. Bitcoin ETFs due to the potential for huge rewards. Data from Dune shows that Bitcoin ETF on-chain BTC holdings have accumulated to $53 billion.

Pearl told Cointelegraph, “The FBI recently put out a warning about North Korean hackers trying to infiltrate ETFs and steal funds from them. So all of these ETFs… they’re storing the underlying Bitcoin somewhere, and you can be sure that someone’s already planning and thinking about how to steal it.”

Vulnerabilities in Bitcoin ETFs Could Spark Tighter Crypto Regulation

North Korean hackers targeting the infrastructure around Bitcoin ETFs poses worrying risks and potential challenges for the industry.

Cyvers' Pearl warned that not only ETF providers could be targets but also all related companies:

“It’s not just the ETF providers, it’s also the peripheral, all the companies that work closely with them… [ETF vulnerabilities] are something we need to address quickly otherwise we are going to see major hacks.”

According to Pearl, a potential “large-scale hack” on Bitcoin ETFs could trigger more stringent regulatory scrutiny in the United States, potentially prompting other jurisdictions to follow suit.

The FBI published a report earlier this month titled “North Korea Actively Targets Cryptocurrency Industry with Sophisticated Social Engineering Attacks,” in which the agency wrote:

“North Korean malicious cyber actors have been researching various targets associated with cryptocurrency exchange-traded funds (ETFs) in recent months, including pre-operational preparation efforts, indicating that North Korean actors may attempt malicious cyber activities against companies associated with cryptocurrency ETFs or other crypto-related financial products.”

The FBI has put out a statement/warning that "North Korean actors may attempt malicious cyber activities against companies associated with cryptocurrency ETFs." The notice includes what to watch for and what you can do about it. h/t @Cointelegraph Link: https://t.co/aeyrg9ElWh pic.twitter.com/8OR8iOXhnb

— Eric Balchunas (@EricBalchunas) September 4, 2024