North Korean hackers have taken to stealing cryptocurrency from individual investors as part of a new strategy by Pyongyang to blunt the impact of international sanctions targeting its illicit nuclear weapons programme.
A number of experts have previously shared that North Korea continues to use bitcoin to evade US sanctions. Just last month a report by Russian cybersecurity company Group IB stated that Lazarus, an infamous hacking group of North Korea stole about half a billion dollars in cryptocurrencies.
The targeting of individuals holding virtual currencies such as bitcoin marks a departure from its previous methods, which have targeted exchanges and financial institutions.
This group reportedly was also behind the 14 hacks on cryptocurrency exchanges since January 2017. Previously, the hackers tend to target exchanges and financial institutions but this time it’s individual investors.
“Previously, hackers directly attacked exchanges,” Simon Choi, the founder of the cyber warfare research group IssueMakersLab, said. “They targeted staff at the exchanges, but now they are attacking cryptocurrency users directly.”
This shift could be due to the strengthening of security by exchanges and financial institutions as he shares, “They’ve already had successes and are continuing to progress, but during that time, the exchanges have become used to the attacks and boosted their security somewhat. Direct attacks on exchanges have become harder, so hackers are thinking about alternatively going after individual users with weak security,” Chois added.
South China Morning Post quoted Choie as saying, “With the US, the UN and others imposing sanctions on the North Korean economy, North Korea is in a difficult position economically, and cryptography has come to be seen as a good opportunity.”