Kim Jong-un secretly encourages hacking South Korean cryptocurrency exchanges
North Korea tries to gain bitcoins and other cryptocurrencies to avoid current and future sanction from the United Nations, states FireEye Inc. that specializes in cybersecurity.
Kim Jong-un’s hackers are now targeting South Korean cryptocurrency exchanges and websites related to them. They have managed to hack the website on Bitcoin currency and receive ransom money from WannaCry victims, FireEye tells. The website hack helps hackers identify its visitors and, possibly, search for new victims.
FireEye has already confirmed three North Korean attacks on South Korean cryptocurrency exchanges, namely (as Bloomberg found out) Yapizon that lost over 3.8 thousand bitcoins as a result. The cybersecurity experts from FireEye, however, told they could not specify for sure from which country those hackers were.
The representatives of FireEye noted that the more popular cryptocurrencies become, the more threats emerge for the exchanges. Phishing email messages infected with the PEACHPIT virus was one of the methods hackers used to attack the exchanges. TEMP.Hermit, the hacker group responsible for its hacking of Samsung in 2016 and, allegedly, of Sony Pictures Entertainment, might be responsible for this phishing as well, FireEye states.
Bloomberg notes that cryptocurrencies might have become interesting for Kim Jong-un after he became familiar with the theme and the opportunity to avoid sanctions, launder money and presumably finance activities harming those he considers enemies.
The messages about North Korean government-backed hackers appear in the news from time to time. The South Korean intelligence agencies closely monitor the activities of special army cyber experts that the DPRK regime uses for their benefit.