The price of digital currency bitcoin has soared this year to almost $20,000 per bitcoin from just under $1,000 at the beginning of 2017.

The latest bitcoin development will see it trading on the CME Globex electronic trading platform in the US from today following its introduction Cboe Global Markets exchange earlier this month.

It means that investors will be able to buy and sell future contracts in bitcoin — an important stage in the development and acceptance of cryptocurrencies as financial instruments.

Bitcoin’s move to the mainstream this year — which has included increased regulation with promises of more to come and adoption of bitcoin in China and Japan — means it has attracted the attention of criminals keen to get hold of the now valuable digital asset.

North Korea would appear to be among them — people suspect North Korea is after cryptocurrencies in order to evade the financial sanctions imposed as punishment for the country’s development of nuclear weapons.

The infamous North Korean hacking group known as the Lazarus Group is suspected of running a so-called spear-phishing campaign targeting people who work cryptocurrency companies, according to cyber security company Secureworks.

The Lazarus Group hit the big time in recent years with the WannaCry ransomware outbreak, the leak of Sony emails, and the $81m cyber-heist from the Bangladesh Central Bank.

Now the group is after bitcoin and using phishing emails and the lure of a job opening for a chief financial officer (CFO) role at a London-based cryptocurrency company, it’s trying to gain access to people’s bitcoin wallet private keys.

Read more: Who controls your bitcoin? Why all that new wealth isn’t really in your hands

The email message has a Microsoft Word document attached and if downloaded can install malware known as a Remote Access Trojan that can open up someone’s device to the intruders.

On receiving the email uses see instructions to “enable content” which triggers the Trojan malware.

3 Things That Will Change the World Today

The document contains the job description and the qualifications required.

The job description for a CFO at a European-based Bitcoin company used in the lure document is similar to the LinkedIn profile of a CFO of an actual cryptocurrency company in Asia.

Rafe Pilling, senior security researcher at Secureworks, told Verdict:

The macro command used to deploy the malware has been in use since summer 2016 and has been strongly linked to North Korea operatives. We think it’s a good technical indicator of North Korea’s involvement in the phishing campaign.

Researchers are still investigating the scale of the campaign, but it’s thought that the phishing emails started to be distributed in late October and that attacks are still ongoing.

Secureworks recommends cryptocurrency companies better protect themselves by using two-factor authentication to make it more difficult for attacks to gain access to accounts, teach employees about social engineering and how cyber criminals might contact them, and install strong malware protection.

Meanwhile, it has been reported that South Korean cryptocurrency exchange Bithumb was hacked by North Korea last week.

The BBC reported last week that at least $7m in digital money was stolen in multiple hacks in February of this year, citing sources at South Korean spy agency, the National Intelligence Service.

The stolen bitcoin has since ballooned in value to $82.7m.