Severe sanctions against North Korea might have led to an increased surge in cryptocurrency attacks.
North Korea is thought to be responsible for the latest surge in cyber-attacks against South Korea’s cryptocurrency exchanges. Yonhap, a news agency, reported that local authorities conducted an investigation which proved that North Korea is directly responsible for cyber attacks on several email accounts of employees from the four major bitcoin exchange services in South Korea.
Reportedly, North Korean hackers sent malicious emails out to employees between July and August 2017. The responsible hackers claimed to be security authorities, and emails were sent from a single IP address which has been previously associated with cybercrimes against Seoul. In this incident, North Korea is also thought to be involved.
Police authorities stated that the North Korean attackers sent out test email before sending the actual attack emails. The infected emails were traced back to North Korea.
North Korea has recently been sanctioned by the UNO due to its nuclear war and missile operations. Because of this, many speculated that the country might be trying to generate funds using digital currency. As of yet, there are no reports of actual stealing any cryptocurrency or compromising computers.
North Korean attackers used a spearphishing technique to launch email attacks. Cryptocurrencies have quickly emerged as an asset class, and have been increasingly targeted by regimes that simultaneously operate as a criminal enterprise.
According to Luke McNamara from security firm FireEye, cryptocurrencies have become a popular target for cybercriminals. It is likely that cryptocurrency exchanges will become even more irresistible targets to hackers in the future.
South Korea is a particularly lucrative target as it is one of the world’s busiest trading centers when it comes to cryptocurrency. The world’s largest cryptocurrency exchange for Ethereum is located in Seoul.
According to McNamara, the sheer daily trading volume occurring daily in South Korea is highly significant as it is responsible for a large part of global trading in cryptocurrencies. It follows logically, that serious cryptocurrency hackers would make Seoul its prime target, as they offer a large centralized target.
The report by FireEye also stated that the group of hackers responsible for these attacks are likely state-sponsored and in collaboration with the Kim Jong-un regime. It is obvious why cryptocurrency is appealing to the North Korean regime as transactions are anonymous, which would make it easy for North Korea to control money laundering in traditional stock exchanges.
Earlier this month, FireEye also reported that North Korean hackers have infiltrated at least three cryptocurrency exchanges since May this year. Further investigations discovered that four different exchanges have been targeted. It is likely that North Korea will increase their cyber attacks in the months to come as North Korean expands its nuclear weapons.