North Korea accused of raising money by stealing bitcoins in hack attacks

Share

While North Korean hackers have been conducting cyberattacks overseas for years, especially against South Korea (paywall), a new report from security firm FireEye notes that the country has incorporated a new element into its online warfare-bitcoin.

North Korea seems to be ramping up cyberattacks to steal Bitcoin and other cryptocurrencies that could be used to circumvent trade restrictions and global sanctions and obtain hard currencies to fund the regime.

"With North Korea's tight control of its military and intelligence capabilities, it is likely that this activity was carried out to fund the state or personal coffers of Pyongyang's elite, as worldwide sanctions have constricted the Hermit Kingdom", FireEye said in a statement. After acquiring bitcoin or other cryptocurrencies, North Korea could then launder them on exchanges and get hard cash in return, as its main avenues for making money get cut off one by one.

It's just the latest example of the illicit ways North Korea allegedly brings in money as it endures wave after wave of increasingly tough global sanctions over its rapidly advancing nuclear weapons program.

Since the following month in May, FireEye researchers revealed they observed North Korean hackers target at least three South Korean cryptocurrency exchanges to steal funds.

North Korea said before the sanctions were approved the U.S. would face "pain and suffering" and Pyongyang was "ready and willing" to retaliate if the vote passed. Bitcoins have more than quadrupled in value since the beginning of the year, from $963 to $4,222.

More news: Dead, Others Injured in Washington High School Shooting
More news: Angelina Jolie is annoyed by the rumors, it sets the record straight
More news: Lady Gaga reveals why she and Taylor Kinney ended their engagement

FireEye identified the North Korean group behind the bitcoin attacks as TEMP.Hermit.

New sanctions following North Korea's most recent nuclear test will hamper its ability to legitimately import gas and oil from China, but the nation retains an ability - and an increasing interest - in generating enormous revenues through cybercrime. They included a cyberheist on Bangladesh's central bank in which tens of millions of dollars were stolen.

Intelligence agencies and cybersecurity experts have also linked North Korea to WannaCry, the biggest cyberattack the world has ever seen.

If actors compromise an exchange itself (as opposed to an individual account or wallet) they potentially can move cryptocurrencies out of online wallets, swapping them for other, more anonymous cryptocurrencies or send them directly to other wallets on different exchanges to withdraw them in fiat currencies such as South Korean won, United States dollars, or Chinese renminbi.

North Korean hackers have previously targeted South Korean cryptocurrency exchanges, stealing bitcoin worth $88,000 (at the time) between 2013 and 2015, according to Yonhap News, which cited South Korean cybersecurity firm Hauri.

Share