North Korea is trying to amass a bitcoin war chest
Sep 14 2017
North Korea is suspected of intensifying cyber-attacks to steal virtual currency in order to obtain funds and avert tightening sanctions, according to security experts. With North Korea's tight control of it's military and intelligence capabilities It is likely that this activity was carried out to fund the state or personal coffers of Pyongyang's elite, as global sanctions have constricted the Hermit Kingdom.
Hackers from Kim Jong Un's regime are increasing their attacks on cryptocurrency exchanges in South Korea and related sites, according to a new report from security researcher FireEye Inc., Bloomberg reported.
By compromising a Bitcoin exchange, hackers can manage to move cryptocurrencies out of online wallets, swap them for other, more anonymous cryptocurrencies or send them directly to other wallets on different exchanges to withdraw them in fiat currencies such as South Korean won, United States dollars, or Chinese renminbi, according to the security firm. However, FireEye noted that some of the tactics and procedures reportedly used during this attack were different than the ones seen in the May attacks noting that there are "no clear indications of North Korean involvement".
The intrusions followed previous efforts by operators with ties to North Korea to target "bank and the global financial system", the firm said. After acquiring bitcoin or other cryptocurrencies, North Korea could then launder them on exchanges and get hard cash in return, as its main avenues for making money get cut off one by one.
Early May - Spearphishing against South Korean Exchange #1 begins.
The largest alleged heist occurred in June, where North Korea allegedly attacked Seoul-based Bithumb, the fourth largest virtual currency exchange in the world. Some of the attacks were carried out through spear phishing, a process in which a malicious actor sends out fraudulent emails with the intent to distribute malware.
Kim's apparent interest in cryptocurrencies comes amid rising prices and popularity.
North Korea may be attempting to circumvent the effects of tough economic sanctions by enlisting state-sponsored hackers to target bitcoin exchanges, according to a prominent cybersecurity firm.
If actors compromise an exchange itself (as opposed to an individual account or wallet) they potentially can move cryptocurrencies out of online wallets, swapping them for other, more anonymous cryptocurrencies or send them directly to other wallets on different exchanges to withdraw them in fiat currencies such as South Korean won, U.S. dollars, or Chinese renminbi. (NASDAQ:FEYE) says that North Korea is carrying out cyber attacks to gain hold of cryptocurrencies. Yapizon announced losing 3,816 bitcoins or about $5.3 million.
"As more money goes into cryptocurrency exchanges and more people buy bitcoin and ethereum, exchanges become larger targets for this group", said McNamara. Cyber criminals may no longer be the only nefarious actors in this space.