Tokyo/Seoul: As politicians from Washington to Seoul consider imposing new sanctions on North Korea, Kim Jong-un's regime appears to be stepping up efforts to secure bitcoin and other cryptocurrencies that could be used to avoid additional trade restrictions.
South Korea's opposition Bareun Party lawmaker Ha Tae-Kyung, who has followed North Korean hacking attempts, said it had apparently stolen more than 90 billion won (US$80 million) from South Korea through hacking attacks in the four years to June, including cyber-attacks on ATMs.
It said that lack of state control and secretiveness would also make them useful fund raising and money laundering tools for Kim Jong-un.
North Korea is suspected of intensifying cyber-attacks to steal virtual currency in order to obtain funds and avert tightening sanctions, according to security experts.
"As more money goes into cryptocurrency exchanges and more people buy bitcoin and ethereum, exchanges become larger targets for this group", said McNamara. While at present North Korea is somewhat distinctive in both their willingness to engage in financial crime and their possession of cyber espionage capabilities, the uniqueness of this combination will likely not last long-term as rising cyber powers may see similar potential.
Specifically, the hackers began targeting South Korean cryptocurrency exchanges. FireEye didn't name the exchange. They did so with spear-phishing campaigns, researchers added, that targeted personal email accounts of employees at digital currency exchanges. FireEye identified the malware, known as PEACHPIT, and provided examples of documents it was attached to, including one published by Seoul-based Hyundai Research Institute about the state of bitcoin industries. This marked a departure from previously observed activity of North Korean actors employing cyber espionage for traditional nation state activities. And most researchers believe the WannaCry ransomware attack, which affected computers at major companies and public institutions worldwide in May, was carried out by North Korea.
Bitcoin has increased 600% in value in the a year ago.
"If actors compromise an exchange itself (as opposed to an individual account or wallet) they potentially can move cryptocurrencies out of online wallets, swapping them for other, more anonymous cryptocurrencies or send them directly to other wallets on different exchanges to withdraw them in fiat currencies such as South Korean won, USA dollars, or Chinese renminbi", the report added.
Bitcoin and other cryptocurrencies are often held in accounts at online exchanges.