North Korean Hackers developed another sinister move to perpetuate their illegal activities, this time their victims are crypto investors.
To execute their fraudulent activities they send their victims an email with infected file attachments, immediately the victim downloads the file, it infects the computer and takes total control of the machine. It is at that point these criminals can carry out their fraudulent activities.
Beating Upgraded Security Protocols
Unlike in the past when these hackers targeted high-profile financial institutions and centralized crypto exchanges, this new strategy is out for individual crypto investors.
Simon Choi the founder of IssueMakersLab, a cyber warfare research group was quoted by the SCMP as saying that he had confirmed the change in the modus operandi of North Korean hackers.
Choi argued that the shift from targeting exchanges and trading platforms to attacking individuals was most likely due to the upgraded security protocols that crypto exchanges have been able to utilize in the past few months.
Choi stated that;
“Direct attacks on exchanges have become harder, so hackers are thinking about alternatively going after individual users with weak security. They targeted staff at the exchanges, but now they are attacking cryptocurrency users directly. With the US, the UN and others imposing sanctions on the North Korean economy, North Korea is in a difficult position economically, and cryptography has come to be seen as a good opportunity.”
Choi wasn’t the only one to expose the hackers sinister move, the CEO of Cuvepia, Kwon Seo-chul while speaking with SCMP also mentioned that the firm had found over 30 instances where North Korean hackers had preyed on innocent cryptocurrency investors.
Kwon stated that the victims are just simple wallet users investing in cryptocurrencies. He further said that when these cryptocurrencies get hacked, there is nowhere one can make complaints, so hackers are increasingly hacking into cryptocurrencies.
Also, the founder of IssueMakersLab further explained that most of the targets of these attacks had been wealthy South Koreans as these criminals believe that if they target CEOs of wealthy firs and heads of organizations, they can cash out large sums faster. It is still a surprise to many crypto users that even with the emergence of retail custody solutions and hardware wallets, these kind of attacks are still prevalent.
Profiting From Cryptocurrencies
For quite some time now North Korea has profited from cryptocurrencies, a report on Asia times in September stated that Pyongyang was utilizing cryptocurrencies to evade US sanctions.
The report quoted former NSA Cybersecurity official Priscilla Moriuchi who mentioned that North Korea was earning millions of dollars on a regular basis from its mining and crypto trading activities.
She further mentioned that the country had pursued other avenues for obtaining cryptocurrencies as well which includes mining of both bitcoin and Monero, ransom paid in bitcoin. From the global WannaCry attack in May and even commissioning a cryptocurrency class for North Korean students in November.