N. Korean Hacking Group Attempts to Steal Cryptocurrency

The North Korean hacking group Lazarus is said to be ratcheting up its attempts to seize cryptocurrency amid North Korea’s economic challenges due to the coronavirus pandemic and the financial sanctions imposed on the country.

According to an April 27 press release from ESTsecurity, a cybersecurity firm established in Seoul, the advanced persistent threat (APT) hacking group Lazarus, which is allegedly sponsored by North Korea, is frequently engaging in cybercrime activity in and outside South Korea.

Prime Victims of Lazarus

Lazarus, the infamous hacking group, is responsible for the 2014 Sony Pictures hack and the 2016 Bangladesh Bank cyber heist.

The main targets of these crimes are people who have purchased cryptocurrencies, such as Bitcoin, and those who work in the cryptocurrency field, according to the press release.

The company predicted that these attacks could lead to economic damage. The ESTsecurity press release stated that Lazarus is carrying out APT attacks not only in South Korea but also globally, including in the United States.

The press release added that the group is also engaged in cyber-espionage as well as activities intended to generate foreign currency. It further explained that the malicious emails in these attacks name companies that provide electronic payment services.

The hackers attached malicious files disguised as blockchain software improvement records from those payment companies and induced the targets into opening them. ESTsecurity’s report described these attacks as “spear phishing,” in which an attacker lures victims with details specific to their business after gathering accurate information on them.

Getting Stronger?

Lazarus is strongly committed to cryptocurrency heist campaigns that concentrate on virtual currencies, which are difficult to track, and on cryptocurrency markets, which are more exposed to hacks than traditional financial institutions like banks.

According to the “National Strategy for Combating Terrorist and Other Illicit Financing 2020” report released by the US Treasury Department in February, Lazarus was among the three North Korean hacking groups that managed to steal USD 571 million in cryptocurrency from five exchanges in Asia.

What might they do next?

Critics say that stealing cryptocurrency could bring enormous profits to a country now fully cut off from the rest of the world following the closure of the Sino-North Korean border in late January due to the coronavirus pandemic.

Security authorities are indicating that joint countermeasures should be taken against North Korean cyberattacks, which are linked to other North Korean espionage groups such as Kimsuky, Konni, and Gumsong 121.

Mun Chong Hyun, the head of the ESTsecurity Security Response Center (ESRC), said that along with Kimsuky, Konni, and Gumsong 121, Lazarus has been carrying out a variety of APT attacks against South Korea and others. He further said that it is vital that we regularly study these organizations and take countermeasures against them.
