North Korea has been in the news for all the wrong reasons lately, which is generally the case whenever it’s in the news. But this time, it isn’t mostly impotent threats of nuclear war or whimsical dictatorship that it’s making headlines for. Cybersecurity company FireEye has released a report suspecting North Korea’s involvement in attacks on South Korea’s bitcoin reserves.
FireEye’s observation of North Korea’s intrusion capabilities go back to 2016, when they began noticing state actors targeting their neighbours’ financial institutions. This was a departure from the country’s classic espionage-focused hacking efforts. The researchers believe that the attacks on banks were carried out as a means to replenish Pyongyang’s coffers, since international sanctions have restricted its ability to obtain funds.
The more recent campaign is part of the second wave of attacks, according to FireEye. North Korea appears to have taken a liking for virtual currencies like bitcoin, since that would be an easy way to circumvent the restrictions created by international sanctions. Within the last four months, FireEye’s systems have registered three attacks on the South’s cryptocurrency exchanges by North Korean state actors.
FireEye reveals that the specific method used to carry out these cyber attacks is spear phishing. Spear phishing is a twist on conventional phishing in which hackers send emails pretending to be a known connection like a friend or a business from which you’ve made a purchase. They use this feigned familiarity to obtain passwords to accounts. The targets in this case are employees at the cryptocurrency exchanges, who receive emails with tax-themed inducements containing different kinds of malware.
This isn’t the first instance of North Korea being involved in large-scale cybersecurity attacks. In April this year Kasperky Labs revealed that it had found evidence of direct links between North Korea and the the perpetrators of the Bangladesh bank heist, Lazarus Group. North Korea was also show to have played a role in WannaCry, which experts were able to link, once again, to Lazarus Group.
There have also previously been attacks carried out specifically against South Korean institutions. In April this year four wallets on bitcoin exchange Yapizon were hacked, leading to the loss of 3,816 bitcoins. Since then three different South Korean exchanges have been targeted in spear phishing attacks, following the US announcing stricter economic sanctions on the North.
FireEye makes the conclusion that the sudden rise in the value of cryptocurrencies has led to nation states beginning to take a much deeper interest in them. Russia, for example, has a high-level advisor to Vladimir Putin trying to raise $100 million in an ICO. Australia has seen a bipartisan push for its Reserve Bank to recognize bitcoin as legal tender. With that going on, it comes as no surprise that criminal enterprises and regimes like North Korea have their sights set on acquiring a portion of the new asset class.
This post was written by one of our guest writers.
Author: Prateek Jose
If you’d like to write for us, get in touch at firstname.lastname@example.org
Follow us on Twitter – Click Here
Join The Bit Forum – Click Here
Discover New ICO’s – Click Here