North Korea Stole Billions of Won Worth of Bitcoins
South Korea claims that state-sponsored teams of hackers are still attempting to hack their exchanges.
Kim Byung-kee, a member of South Korea’s parliamentary intelligence committee, claims the country’s northern counterpart has stolen cryptocurrency by using phishing campaigns: “North Korea sent emails that could hack into cryptocurrency exchanges and their customers’ private information and stole (cryptocurrency) worth billions of won.”
Phishing campaigns involve sending emails through social engineering or en masse, which usually contain malicious links or attached documents that have embedded malware designed for theft of information, account compromise or surveillance.
While Kim did not say which exchanges were compromised by North Korea, the executive said that the country was “continuously” testing the security of South Korean exchanges.
If these allegations prove to be true, then dictator Kim Jung-un has amassed a fortune during this year in which Bitcoin’s value saw rises of over $19,000.
In January, a report from Recorded Futures alleged that a mysterious hacking group named Lazarus, have been sponsored by North Korea to launch attacks on crypto- businesses that are based in South Korea in 2017.
The group has been linked to the attack that crippled the NHS, which used malware that locked down computers and asked for ransom in Bitcoins to open them up again.
Security researchers from the tech firm Insikt Group, Juan Andres Guerrero-Saade and Priscilla Moriuchi, have published a research that points to the possibility of Pyongyang launching the hack campaign last year in autumn.
The research stated: ”The targets of this campaign appear to be users of the Coinlink cryptocurrency exchange, South Korean cryptocurrency exchanges at large… and a group called ‘Friends of MOFA’ (Ministry of Foreign Affairs), which is a group of college students from around South Korea with ‘a keen interest in foreign affairs.”
The security researchers added: “This late 2017 campaign is a continuation of North Korea’s interest in cryptocurrency, which we now know encompasses a broad range of activities including mining, ransomware, and outright theft.”
It is believed that the hackers stole the emails and passwords of Coinlink accounts, a South Korea Crypto exchange, along with resumes of computer scientists that have worked at similar exchanges in the past.
Kim Byung-kee added that South Korea was “doing its best” to ensure the security of its cryptocurrency exchanges.
However, such promise can be difficult to hold up, as more and more vulnerabilities and flaws are found in security protocols and exploited by hackers to compromise web domains, accounts of online services, enterprise and home networks.