Nuke Hermit Kingdom Amassing Bitcoin for Sanctions End Run?

A new report by security research firm FireEye suggests that North Korea is using state-sponsored hackers to steal Bitcoin to circumvent sanctions and fund the regime.

"Sanctions against North Korea are likely to fuel their cybercrime activity", said Bryce Boland, Singapore-based chief technology officer with FireEye.

In a report published Monday, FireEye said it has detected at least five instances of suspicious activity by North Korean hackers against South Korean cryptocurrency targets since last April, including at least three attacks on virtual currency exchanges.

North Korean hackers have previously targeted South Korean cryptocurrency exchanges, stealing bitcoin worth $88,000 (at the time) between 2013 and 2015, according to Yonhap News, which cited South Korean cybersecurity firm Hauri.

The hackers have also been tied by other security firms to last year's attack on Samsung Electronics Co.'s corporate messenger app and, most prominently, the breach of Sony Corp.'s film studio, which the Federal Bureau of Investigation blamed on North Korea.

It's entirely possible that North Korea is turning to bitcoin by stealing them from exchanges to then launder it into hard cash amid increasing scrutiny and sanctions from the worldwide community. "It is their continued, illegal and aggressive actions that have brought us to this point, and it is North Korea that must change its course".

At least one virtual currency exchange was successfully compromised in late May. Hackers assailed Bithumb with a spearphishing attack, where fake emails and malware are used to try to steal virtual cash. North Korea's Office 39 is involved in activities such as gold smuggling, counterfeiting foreign currency, and even operating restaurants. And with Bitcoins rising in popularity and price and also the fact that there is no government regulating bitcoins, it's a clear sign why North Korea is targeting cryptocurrency.

If actors compromise an exchange itself (as opposed to an individual account or wallet) they potentially can move cryptocurrencies out of online wallets, swapping them for other, more anonymous cryptocurrencies or send them directly to other wallets on different exchanges to withdraw them in fiat currencies such as South Korean won, USA dollars, or Chinese renminbi.

"Bitcoin and other cryptocurrencies have increased in value in the previous year, nation states are beginning to take notice", FireEye said."Consequently, it should be no surprise that cryptocurrencies, as an emerging asset class, are becoming a target of interest by a regime that operates in many ways like a criminal enterprise". Yapizon announced losing 3,816 bitcoins or about $5.3 million.

"It should be no surprise that cryptocurrencies, as an emerging asset class, are becoming a target of interest by a regime that operates in many ways like a criminal enterprise", the FireEye report said. Cyber criminals may no longer be the only nefarious actors in this space.

Related:

Comments

Other news