North Korean Hackers Move Onto Attacking Individuals After Exchanges Boost Security

Published at: Dec. 1, 2018

The CEO of cybersecurity firm Cuvepia said that his company has detected over 30 attacks on individuals holding cryptocurrency, probably carried out by North Korean hackers, English-language media site South China Morning Post reported Nov. 29.

Kwon Seok-Chul, the CEO of the aforementioned South Korean cybersecurity company, said that the new targets of the suspected North Korean cyberattacks “are just simple wallet users investing in cryptocurrency.” He then added that many cases probably haven’t been detected, and that there may have been well over 100 attacks.

As the article states, the “targeting of individuals holding virtual currencies such as Bitcoin (BTC) marks a departure from its previous methods.” As Cointelegraph reported this October, North Korea allegedly backed two cryptocurrency scams this year, and hacks funded by the country reportedly comprise 65% of all cryptocurrency stolen to date.

Simon Choi, founder of cyber warfare research company IssueMakersLab, attributes the shift towards attacking individuals to cybersecurity enhancements by exchanges and financial institutions:

“Direct attacks on exchanges have become harder, so hackers are thinking about alternatively going after individual users with weak security.”

Choi also said that most targets have been wealthy South Koreans since “they believe that if they target CEOs of wealthy firms and heads of organisations” then “they can take advantage of billions of won in virtual currencies.”

According to Luke McNamara, an analyst at cybersecurity company FireEye, “it’s possible from previous intrusions they’ve been able to collect information” about “people using these [cryptocurrency] exchanges.”

McNamara explained that “when they understand and know the targets” then “they are able to craft lures specific to those organisations or entities.” He added that this makes them “effective at what they are doing.”

As Cointelegraph reported, Kaspersky Labs claims that North Korean hacker collective Lazarus Group used the “first” macOS malware to hack a crypto exchange. Experts have also argued that North Korea increasingly uses cryptocurrencies to avoid U.S. sanctions.
