The Kim Jong-un regime has been discovered increasing the severity of their cryptocurrency attack campaigns recently.
A recently published report confirmed that cryptocurrency users are becoming increasingly targeted by malware campaigns. While the hacking campaigns have become increasingly sophisticated, according to the report, it has also become clear that hackers are less interested in pocketing funds, and more at the prospect of yielding power in the cryptocurrency market.
Many of the latest hacking campaigns have been blamed on North Korea.
According to the report, by the Korean Internet & Security Agency (KISA), between January 2017 and September 2017, over 5000 ransomware attacks were conducted. This demonstrated an almost four-fold increase from 2016. While the overwhelming majority of the malware attacks were ransomware in nature, approximately 44 of the reported attacks were created in order to obtain information on the targeted victims.
Since the onslaught of attacks, cryptocurrency users have been instructed to be vigilant in their security measures. However, the issue becomes much more dangerous when it involves cryptocurrency employees, especially as the employees in question are responsible for overseeing thousands of transactions which equates to millions of dollars every single day.
Earlier this year, during July, information emerged that suggested that hackers have been attempting to gain access to the inner circles of a South Korean exchanging platform. These attempts were somewhat successful. Several targeted employees suffered severe malware injection attacks.
North Korea is in many aspects unremarkable, however, its hacking abilities is something the country takes pride in. Since the country does not actively partake in international activities and discussion, North Korea has been blamed for everything from ransomware attacks, as well as other high-profile hacking campaigns. Considering the country’s proximity and animosity to South Korea, it seems very plausible that the country would actively try to destroy its neighbours’ cryptocurrency exchange market.
A local media outlet, Yonhap, stated that a KISA official confirmed that attackers are currently in the process of spreading malware, not only to pocket Bitcoin funds but also to launch hacking campaigns against websites. The official also noted that these attacks are likely to continue and become more popular.
In addition to KISA’s report, the security firm, Fire Eye has also revealed certain details regarding the attack that the South Korean exchanges experienced earlier this year. According to the security firm, North Korea’s drastic increase in cyber attacks could be attributed to the governmental elite wanting to profit from the state-backed hacking campaigns. In addition, cryptocurrency attacks also provide North Korea with a way to evade the severe sanctions imposed on the country.
Fortunately, South Korean exchanges have a wealth of agencies and entities responsible for monitoring and protecting the country’s online infrastructure. During the last few weeks, the National Police Agency (NPA) as well as the Cyber Warfare Intelligence Center of South Korea, have warned the country of future campaigns that are likely to be launched by their northern counterparts. This included phishing email attacks, which targeted South Korean exchange employees, and more than once proved to be beneficial for the attackers.
According to the NPA, 25 employees from four different South Korean exchanges were targeted from an IP address, which has since been traced to North Korea. So far the Yupizon exchange lost over $5 million worth of funds. Unfortunately, South Korea remains a lucrative target for North Korea for both financial and geopolitical reasons. As Bitcoin continues to soar, it seems unlikely that this trend will be curbed in the near future.