If there are two words that have entered the public lexicon with great fervour this year, they are “hacking” and “North Korea”. This was the case even before rumours began to swirl that North Korean hackers were infiltrating South Korean Bitcoin Exchanges.
A recent example of this was the hack of Bithumb, the world’s fourth largest exchange and South Korea’s top crypto exchange. Although many fingers point to North Korea’s involvement in the heist, it’s still unclear if they were behind it.
The Lazarus Group
As many may know, one of the past attacks that North Korea has been linked to was the Sony Pictures hack in 2014. Now, according to a report from the cybersecurity firm FireEye, evidence has begun to surface of more hacking attempts and data breaches. Five attacks on bitcoin exchanges, or individual bitcoin wallets, within the past six months have been tracked. Amongst the targets were the South Korea-based exchange Yapizon along with two other targets that are still unnamed.
FireEye informed the public that to their knowledge hackers used spear phishing, “a fraudulent method of sending emails to make them look like they were sent by someone you know, and dispersed malware to obtain virtual cash illicitly.”
What places the spotlight on North Korea is the fact that North Korean state actors have been accused of hacking into banks and firms in the past.
Kaspersky, a top cyber security firm, said it had obtained digital evidence of North Korea’s involvement in last year’s $81 million cyber heist of the Bangladesh central bank’s account at the Federal Reserve Bank of New York.
Kaspersky also released a report that stated, “The hackers made a direct connection from an IP address in North Korea to a server in Europe that was used to control systems infected by the group.”
The same hackers accused of the Bangladesh bank hack have been investigated before and have even been given a nefarious name, the “Lazarus” group. Lazarus is a notorious group of hackers that first came to light in 2009. Kaspersky researcher Vitaly Kamluk stated that
the findings marked the first time we have seen a direct connection between North Korea and Lazarus.
An Alarming Trend?
Although it is increasingly hard to pinpoint the North Koreans or the Lazarus group as the actual culprits, the rationale for North Korea to embark on these tactics is clearly evident.
The country has become increasingly isolated through numerous rounds of UN sanctions. In the latest round of sanctions, North Korea could face an oil embargo and will be drained of any source of foreign funds.
With a regime that is so hamstrung without access to cash, hacking a digital currency exchange can be a very profitable experience.