According to cybersecurity firm Recorded Future, North Korea is releasing herds of malware all targeting online exchanges to steal cryptocurrencies.
A report released by the firm shows that in the year 2018, North Korea ramped up its hacking activities by as much as 370%, compared to the same period last year. Recorded Future goes further to say in the report that North Korea uses lethal malware such as the WannaCry virus in their grand cyber theft activities.
North Korea is said to have created an elite group (no coalition) of hackers that calls itself as the ‘Lazarous Group.’ This group, is also referred to by the US Agencies as the ‘Hidden Cobra,’ and is believed to be behind a number of attacks on a number of exchanges and custodial services in South Korea.
“North Korean government actors, specifically Lazarus Group, continues to target South Korean cryptocurrency exchanges and users in late 2017, before Kim Jong Un’s New Year’s speech and subsequent North-South dialogue,” reads in part, the report by Recorded Future.
“The malware employed shared code with Destover malware, which was used against Sony Pictures Entertainment in 2014 and the first WannaCry victim in February 2017.”
Between July and August, the Korean Internet & Security Agency (KISA) unearthed malicious software being housed in several desktop systems of most South Korean Bitcoin exchanges. Recorded Future also says they unearthed multiple phishing operations targetting employees of financial institutions within South Korea.
The firm says that the Lazarus Group were mostly targetting employees of the South Korean exchange Coinlink and a particular group of students from South Korea referred to as the ‘Friends of the Ministry of Foreign Affairs.’ This group of students do several meetups to discuss matters foreign affairs.
The rise of Bitcoin made conventional financial institutions less of a target
Following sanctions levied against the North Korean government by international powers like the United Nations and the United States. The country first began targetting financial institutions in 2017.
However, the Lazarus Group would begin targetting cryptocurrencies exchanges in February 2017 and made their first big heist (estimated to be $7 million) from the South Korean exchange platform Bithumb.
The Lazarus Group has become in a twisted way, a sort of foreign exchange earner for North Korea. Something received quite warmly by the government, especially when you consider the fact that the country is still embroiled in a lot of tension and sanctions from the international community including China.
Click here to read the full report by Recorded Future.