North Korean Hackers Target Individual Crypto Investors
December 3, 2018 11:23 am
After enduring the sanctions aimed at its illegal nuclear weapons program and experiencing extreme exhaustion of financial reserves, North Korean hackers have come up with a new strategy to increase the country’s cash reserves; stealing crypto assets from individual investors.
In a report from the South China Morning Post (SCMP), the strategy of stealing digital holdings from individual investors is a way to depart from their usual approach of infiltrating valuable financial institutions and centralized crypto exchanges.
Hackers send unsuspecting victims an email attached with infected files. A malicious script infects the computer and gains access to the system, once the files are downloaded. This is how hackers steal their victims’ digital currency.
Simon Choi, the founder of the cyber warfare research group, argued that the switch from aiming exchanges and trading platforms to targeting individuals was most likely due to the upgraded security protocols implemented by crypto exchange platforms in the recent months.
“Direct attacks on exchanges have become harder, so hackers are thinking about alternatively going after individual users with weak security. They targeted staff at the exchanges, but now they are attacking cryptocurrency users directly. With the US, UN and other imposing sanctions on the North Korean economy, North Korea is in a difficult position economically, and cryptocurrency has come to be seen as a good opportunity.”
The CEO of Cuvepia, Kwon Seo-Chul, informed SCMP that his company had discovered over 30 instances of North Korean hackers preying on innocent cryptocurrency investors.
He said, “They are just simple wallet users investing in cryptocurrency. In fact, when cryptocurrencies are hacked, there is nowhere one can make complaints, so hackers are increasingly hacking cryptocurrencies.”
In addition, Choi added, the hackers majorly targeted wealthy South Koreans, as they “believe targeting wealthy firms and heads of organizations,” can help extort large sums quicker.
Further, Kwon Explained, why it is easy for hackers to go after individual investors without facing consequences:
“When cryptocurrency wallets were hacked, there is nowhere one can make complaints, so hackers are increasingly hacking into digital currency accounts. Some of the attacks are carried out by sending the victims an email with infected attachments.”
It is clearly understood that North Korea has been benefitting from cryptocurrencies for a while now. In September, a report from Asia Times said that Pyongyang evaded US sanctions by using cryptocurrencies. The report quoted Priscilla Moriuchi, former NSA cybersecurity official, who said that the state was earning millions of dollars daily through its mining and crypto exchange activities.
“North Korea has pursued other avenues for obtaining cryptocurrencies as well, including mining of both Bitcoin and Monero, ransom paid in from the global WannaCry attack in May and even commissioning a cryptocurrency class for North Korean students in November.”