Following an August 5, 2019, report on North Korea's cryptocurrency exchange hacks, the United Nations (UN) has decided to probe 35 cyber-attack cases linked to Pyongyang across 17 countries.
South Korea: The First Victim
According to the Associated Press, North Korean agents have gotten better at attacking their closest neighbor, South Korea. Of all of the attacks detailed in the UN report, 10 were said to have been directed at the country. India came in a distant second, with three attacks reportedly targeted at it. Countries in Europe, the Middle East, South and Central America and Africa have also been targeted.
According to the report, North Korean actors have stolen funds by attacking the Society for Worldwide Interbank Financial Telecommunication (SWIFT) and cryptocurrency exchanges.
North Korea’s Lazarus Group was determined responsible for security breaches on a number of South Korean cryptocurrency exchanges, including Bithumb, YouBit and Coinrail. Bithumb was hit the hardest — breached four times for over $50 million in losses. Earlier this year, Upbit's customers escaped a phishing attempt from Pyongyang.
New Headway With Cryptojacking
The report also noted that North Korean cybercriminals are making headway with “cryptojacking,” the use of malware to infect computers and use them to generate cryptocurrency without the user’s consent.
North Korea seems to have had relative success with this form of cryptocurrency mining, the report revealed. The UN reportedly analyzed a piece of malware used for cryptojacking, which was designed to mine the privacy-focused cryptocurrency monero. Analysts eventually traced the movements of the asset to servers located at the Kim-Il Sung University in Pyongyang.
Given the severity of the economic sanctions that have been placed on the country by the international community, it is not surprising that the North Korean government has been forced to find other sources of funds.