N. Korean Hacking Group Attempts to Steal Cryptocurrency
The North Korean hacking group Lazarus is said to be ratcheting up its attempts to steal cryptocurrency amid North Korea's economic difficulties caused by the coronavirus pandemic and the financial sanctions imposed on the country.
According to an April 27 press release from ESTsecurity, a cybersecurity firm established in Seoul, the advanced persistent threat (APT) group Lazarus, which is allegedly sponsored by North Korea, is frequently carrying out cybercrime campaigns inside and outside South Korea.
Prime Victims of Lazarus
Lazarus is the infamous hacking group responsible for the 2014 Sony Pictures hack and the 2016 Bangladesh Bank cyber heist.
The main targets of these attacks are people who have purchased cryptocurrencies such as Bitcoin and those who work in the cryptocurrency field, according to the press release.
The company predicted that these attacks could lead to economic damage. The ESTsecurity press release stated that Lazarus is carrying out APT attacks not only in South Korea but also globally, including in the United States.
The press release added that the group is also engaged in cyber-espionage operations as well as activities intended to generate foreign currency. It further explained that the malicious emails in these attacks name companies that provide electronic payment services.
The hackers attached malicious files disguised as blockchain software improvement records from those payment companies and induced the targets to open them. ESTsecurity's report described these attacks as "spear phishing," in which an attacker lures victims with details specific to their business after first gathering accurate information about them.
Lazarus is heavily committed to theft campaigns concentrated on virtual currencies, which are difficult to track, and on cryptocurrency markets, which are more exposed to hacks than traditional financial institutions such as banks.
What might they do next?
Critics say that stealing cryptocurrency could bring enormous profits to a country now fully cut off from the rest of the world following the closure of the Sino-North Korean border in late January due to the coronavirus pandemic.
Security authorities say that joint countermeasures should be taken against North Korean cyberattacks, which are linked to other North Korean surveillance groups such as Kimsuky, Koni, and Gumsong 121.
Mun Chong Hyun, the head of the ESTsecurity Security Response Center (ESRC), said that along with Kimsuky, Koni, and Gumsong 121, Lazarus has been carrying out a variety of APT attacks against South Korea and others. He further said that it is vital to regularly study these organizations and take countermeasures against them.