Get the Finder app 🥳

Track your credit score, free

Free

North Korea wants your cryptocurrency

Posted: 3 December 2018 1:27 pm
News

Exchanges are getting too tough to hit these days, so North Korea is moving on to targeting individuals.

North Korea is moving from trying to attack cryptocurrency exchanges to targeting individual holders, South China Morning Post (SCMP) reports, citing analysis from cybersecurity firm Cuvepia.

"They are just simple wallet users investing in cryptocurrency," said Cuvepia CEO Kwon Seok-chul of the new victims, to the SCMP. Cuvepia has identified 30 cases of North Korea targeting individuals since April, but Kwon notes that the real number is likely to be much higher.

"When cryptocurrencies are hacked, there is nowhere one can make complaints, so hackers are increasingly hacking into cryptocurrencies," he said.



Sincerely, North Korea

The attacks are taking the form of email phishing attempts, with a reliance on getting users to open infected text attachments accompanying emails. It's the kind of attack which almost certainly wouldn't let one into a tightly secured cryptocurrency exchange these days.

"Previously, hackers directly attacked exchanges," explained Simon Choi, the founder of the cyber warfare research group IssueMakersLab, to SCMP. "They targeted staff at the exchanges, but now they are attacking cryptocurrency users directly."

“They've already had successes and are continuing to progress, but during that time, the exchanges have become used to the attacks and boosted their security somewhat," he said. "Direct attacks on exchanges have become harder, so hackers are thinking about alternatively going after individual users with weak security."

juicy crypto words

Exchanges are ideal targets and North Korea has proven to be the world's most successful exchange attacker to date, says Russian security firm Group-IB, with the country's "Lazarus" hacker group being suspected of some of the highest profile heists in the crypto world to date.

Group-IB says North Korea was behind attacks including the $30 million Bithumb hack in June, and the record-shattering half-billion dollar CoinCheck heist at the start of the year.

But with exchanges tightening their security, wealthy individuals who are known to have vulnerable crypto holdings might be the next best thing.

"They believe that if they target CEOs of wealthy firms and heads of organisations, more so than ordinary people, they can take advantage of billions of won in virtual currencies," Choi said.

Luke McNamara, an analyst at the FireEye cybersecurity firm suggested to the SCMP that the North Korean hackers were able to get information on their targets from previous forays into exchanges. Some of this information might be details that let them craft a compelling message to the victim, but some of the most important might be that the target has vulnerable crypto funds somewhere on a hot wallet or an exchange without hardware wallet protection.

Elsewhere, SIM swapping is still proving to be a major problem which especially targets those who are known to have sizable holdings on exchanges, although it's not clear whether North Korea is also getting into these.

However, what it has also been getting into is good old fashioned exit scams. As previously reported by Asia Times, it's likely that North Korea has been creating its own coins, launching its own ICOs and pulling off its own exit scams.

With the crippling sanctions laid on North Korea being, well, crippling, the hermit kingdom can always use more money and it seems to be pulling out all the stops to take advantage of cryptocurrency. This might even extend as far as state-sponsored 51% attacks, Group-IB suggested, with mining pools being potentially vulnerable entry points.


Disclaimer: This information should not be interpreted as an endorsement of cryptocurrency or any specific provider, service or offering. It is not a recommendation to trade. Cryptocurrencies are speculative, complex and involve significant risks – they are highly volatile and sensitive to secondary activity. Performance is unpredictable and past performance is no guarantee of future performance. Consider your own circumstances, and obtain your own advice, before relying on this information. You should also verify the nature of any product or service (including its legal status and relevant regulatory requirements) and consult the relevant Regulators' websites before making any decision. Finder, or the author, may have holdings in the cryptocurrencies discussed.

Crypto explained


Latest cryptocurrency news

Picture: Shutterstock

Latest crypto guides

Ask an Expert

You are about to post a question on finder.com.au:

  • Do not enter personal information (eg. surname, phone number, bank details) as your question will be made public
  • finder.com.au is a financial comparison and information service, not a bank or product provider
  • We cannot provide you with personal advice or recommendations
  • Your answer might already be waiting – check previous questions below to see if yours has already been asked

Finder only provides general advice and factual information, so consider your own circumstances, or seek advice before you decide to act on our content. By submitting a question, you're accepting our Terms of Use, Disclaimer & Privacy Policy and Privacy & Cookies Policy.
Go to site