How North Korea is using crypto attacks to fund its nuclear program
North Korea is notorious for its nuclear ambitions and its human rights violations. But did you know that the isolated regime is also behind some of the most sophisticated cyberattacks on the global financial system?
According to a recent report by the United Nations, North Korea has been using crypto attacks to steal billions of dollars from banks, exchanges, and investors. The report estimates that the country has amassed around $2 billion from these illicit activities, which it uses to fund its weapons of mass destruction program.
What are crypto attacks?
Crypto attacks are cyberattacks that target cryptocurrencies or blockchain-based platforms. They can take various forms, such as:
- Hacking into exchanges or wallets and stealing funds or user data
- Creating fake ICOs or tokens and scamming investors
- Exploiting vulnerabilities or bugs in smart contracts or protocols
- Launching ransomware or malware that demands payment in cryptocurrencies
- Mining cryptocurrencies using hijacked computing power or botnets
How does North Korea carry out crypto attacks?
North Korea has a dedicated unit of hackers, known as the Lazarus Group, that is responsible for most of the crypto attacks attributed to the country. The group is believed to have links to the Reconnaissance General Bureau, the country's military intelligence agency.
The Lazarus Group employs various tactics and techniques to execute its crypto attacks, such as:
- Phishing: Sending fraudulent emails or messages that trick users into clicking on malicious links or attachments
- Spear phishing: Targeting specific individuals or organizations with customized emails or messages that appear to come from trusted sources
- Social engineering: Manipulating or deceiving users into revealing sensitive information or credentials
- Malware: Installing malicious software on users' devices that can steal data, monitor activity, or control the device remotely
- Zero-day exploits: Taking advantage of unknown vulnerabilities in software or hardware that have not been patched or fixed
What are some examples of crypto attacks by North Korea?
Some of the most notable crypto attacks by North Korea include:
- The 2016 Bangladesh Bank heist: The Lazarus Group hacked into the SWIFT network and attempted to transfer $951 million from the Bangladesh Bank's account at the Federal Reserve Bank of New York to various accounts in Asia. The hackers managed to steal $81 million before the scheme was detected and stopped.
- The 2017 WannaCry ransomware attack: The Lazarus Group unleashed a global ransomware attack that infected more than 300,000 computers in 150 countries. The attack encrypted users' files and demanded payment in Bitcoin to unlock them. The attack caused widespread disruption and damage, especially in the health care sector.
- The 2018 Coincheck hack: The Lazarus Group breached the Japanese cryptocurrency exchange Coincheck and stole $530 million worth of NEM tokens. It was the largest crypto theft in history at the time.
- The 2019 Upbit hack: The Lazarus Group infiltrated the South Korean cryptocurrency exchange Upbit and transferred $49 million worth of Ethereum from its hot wallet to an unknown address. The exchange claimed that it would cover the losses with its own funds.
What are the implications of crypto attacks by North Korea?
Crypto attacks by North Korea pose a serious threat to the global financial system and to global security. They enable the regime to bypass international sanctions and generate revenue for its nuclear program. They also undermine trust and confidence in cryptocurrencies and blockchain technology, which are still nascent and evolving.
The UN report urges all countries to enhance their cybersecurity measures and cooperate with each other to prevent and combat crypto attacks by North Korea. It also recommends that countries implement the relevant resolutions and sanctions imposed by the Security Council on North Korea.
Crypto attacks by North Korea are not only a challenge for the crypto industry, but also for the international community. They require a coordinated and comprehensive response from all stakeholders, including governments, regulators, exchanges, investors, and users.