South Korea is suggesting that its northern counterpart is hacking computers to mine cryptocurrency and bring in extra revenue for the country. In addition, North Korea is also maliciously hacking South Korea and neighboring regions to potentially get its hands on confidential information.
Recently, we reported that the North Korean hacking group Lazarus was responsible for roughly five separate cryptocurrency hacks in South Korea per data released by the cybersecurity firms Group-1B and Recorded Future.
About $882 million in cryptocurrency funds has been stolen throughout 2018, of which $571 million was allegedly taken by members of Lazarus. The organization has been blamed for attacks on digital exchanges like Yapizon, Coinrail and Bithumb, and virtually every attack’s financial loss exceeds $5 million.
Biggest Crypto Hack in History
Lazarus was also blamed for the attack on Coincheck – one of Japan’s biggest cryptocurrency exchanges – in early January. Over half-a-billion in cryptocurrency funds disappeared overnight, and it’s likely the biggest disaster (and biggest embarrassment) suffered by Japan’s digital currency industry since Mt. Gox in 2014.
The event set the precedent for new regulation in Japan regarding digital assets, and the country’s Financial Services Agency (FSA) saw themselves getting involved. The organization began sending notices out to the country’s many digital exchanges, warning them that if they didn’t step up their act and enable stronger security measures, they would ultimately be shut down. Coincheck has since begun initiating refunds for customers affected by the hack after facing considerable criticism for its hot wallet storage tactics.
Crypto-Jacking: It Just Won’t Go Away
In recent news, a U.S. cybersecurity firm has come forth to explain that in January, it found computers installed with malware designed to mine the cryptocurrency Monero. The garnered funds later went to Kim II Sung University in Pyongyang, North Korea’s capital city, suggesting the country was behind the malware’s implantation.
The process is known as crypto-jacking, and involves malware being secretly downloaded onto an unsuspecting victim’s computer to use their energy as a means of extracting new coins. Although nothing new, it can have devastating effects on one’s power sources and run up a rather nasty bill for the person in question.
The most recent scenario of crypto-jacking involves an Adobe Flash update that was allegedly very good at hiding its hidden mining code, as the software did exactly what it was designed to do. Users’ Adobe systems were updated, and thus no one ever suspected a thing. The malware was first noticed by cybersecurity firm Palo Alto Networks, named after a city in northern California.
Stealing Crypto and Nuclearization?
Over the years, cryptocurrency has emerged not only as a second form of income for North Korea, but also as a means of avoiding sanctions implemented by countries like the United States.
Furthermore, the National Intelligence Service is saying that North Korea is preparing itself for a visit from international nuclear experts scheduled to examine the country’s Punggyeri nuclear test site.
Leader Kim Jong Un invited journalists from all over the world to swing by and report on the dismantling of the site last May. The move is labeled a “major step towards denuclearization.” Now that the site has been removed, Jong Un is inviting the appropriate personnel to ensure the safety and low radiation levels of the dismantled operation.
An intelligence officer familiar with the circumstances of the upcoming visit explains:
“We have learned that North Korea is preparing for a visit by the international inspection team and conducting related activities. We’ve been eyeing major nuclear and missile development facilities, but we haven’t found anything notable yet.”