North Korea is allegedly trying to steal Bitcoin and other cryptocurrencies from holders in South Korea through a scam, and they could soon start doing it to the rest of the world, according to information security company Secureworks.
The hermit company’s scam is believed to be developed by the Lazarus Group, which is the organization responsible for launching the WannaCry ransomware in the past. The scam involves sending infected Microsoft word documents via email to several high-profile officials of cryptocurrency companies. When the document is opened, it unleashes a malware program that allows hackers access to the victim’s computer.
North Korea’s phishing tactics can be likened to the centuries-old military strategy that is known as privateering. In the past, kings hired pirates and mercenaries to seize goods from enemy ships. North Korea is allegedly doing the same thing by hiring private hackers to work as privateers in stealing money from other people.
Bryce Boland, the Chief Technology Officer of cybersecurity firm FireEye, said that it is unknown how many Bitcoins the North Korean government had successfully stolen. However, he added that it’s reasonable to assume that some are already in their hands.
The hacking was detected when Bitfinex, one of the world’s largest cryptocurrency exchanges, announced that it experienced a Denial of Service (DoS) attack. This type of cyber attack is commonly experienced by financial institutions when hackers want to disrupt trade. A DoS is an attack where a hacker seeks to make a website inoperable by temporarily flooding it with excessive requests in an attempt to overload the system. It is analogous to a group of people suddenly crowding a store, making it difficult for legitimate customers to browse and buy anything. Bitfinex’s Application Programming Interface (API) went down during the attack but the company began work immediately to restore its services.
Coinwire reports that North Korea may be trying to hack cryptocurrency companies to help them circumvent sanctions implemented by the US government. A number of high profile firms and several shipping companies that have been linked to North Korean’s nuclear programs before have been sanctioned by the US due to fear of any possibilities of the country expanding its weapons programs.
North Korean leader Kim Jong Un is showing no signs of remorse despite the sanctions, and is allegedly considering the use of Bitcoin to garner support from potential investors.
The Independent relays that security experts are expecting more attacks by North Korea on other countries, especially if South Korea decides to ban cryptocurrencies to prevent people from using digital funds to fuel illegal activity. “Outside of the May WannaCry attack, the majority of North Korean cryptocurrency operations have targeted South Korean users and exchanges, but we expect this trend to change in 2018,” said Recorded Future, an information security company like Secureworks.
When South Korea announced that it was considering a ban on cryptocurrency trading, Bitcoin’s price sharply declined in January. If the country succeeds in doing it, North Korean hackers will be forced to look for targets in other countries. Apart from sending infected Microsoft Word documents, Recorded Future claims that North Korea has been using several phishing tactics that targeted individual cryptocurrency users’ accounts.
Elizabeth Freeman is a freelance writer living in Bangkok. Before deciding to be the boss of her own time, she worked as an investment banker in the US. When not working, she likes to read romance novels and watch romantic comedies.