Profiles of gorgeous women seeking to charm South Korean Bitcoin executives could really be Pyongyang hackers, according to experts.
Due to the sanctions placed on North Korea over its nuclear missile program, the country has found itself financially strapped. Therefore, they have deployed well-trained hackers to gain Bitcoin.
The first time the cyberwarfare capabilities of North Korea were noticed was when the country was accused of hacking Sony Pictures Entertainment. This was in retaliation for the satirical film that mocked Kim Jong Un, “The Interview.”
Now, the country is accused of hacking financial targets, such as the Central Bank of Bangladesh and Bitcoin exchanges worldwide. Washington has also blamed Pyongyang for the WannaCry Ransomware earlier in 2017.
It is believed that Pyongyang caused the shut down of the South Korean cryptocurrency exchange, on Dec. 19, after losing 17 percent of its assets from hacking. This is the second cyberattack on the exchange in 2017. North Korea was also accused of causing the first shut down.
According to Seoul’s intelligence agency, North Korean hackers have been approaching digital exchange workers on Facebook, posed as beautiful women. They begin online conversations and then, months later, send files containing malware.
These hackers have also overloaded executives’ emails as job seekers sending their resumes, which contained malware designed to steal personal information and exchange data.
Director of the Seoul cybersecurity firm EST Security Moon Jong Hyun, said that North Korea has stepped up its online honeytrap tactics, which targeted the South Korean government and military officials.
[Pyongyang hackers] open Facebook accounts and maintain the online friendship for months before backstabbing the targets in the end.
Many of the hackers state that they are studying at colleges in the United States or working for a think tank.
The director of the Seoul cybersecurity firm Hauri, Simon Choi, accumulated troves of data on the hacking activities of Pyongyang and has warned about the potential ransomware attacks from North Korea, since 2016. According to Choi,
The North’s hacking operations are upgrading from attacks on ‘enemy states’ to a shady, lucrative moneymaking machine in the face of more sanctions.
North Korean hackers have been interested in Bitcoin since 2012. Attacks spike when Bitcoin surges. It has soured 20-fold in 2017.
Reportedly, the United States has stepped up cyberattacks against Pyongyang. U.S. cybersecurity firm, FireEye, stated that the lack of regulations and “lax anti-money laundering controls” make digital currencies attractive to North Korea.
According to the U.S. firm, the cryptocurrency became a target of interest in September 2017. There were three documented hacking attempts between May and July.
A hacking organization linked to North Korea, called Lazarus, targeted people in the Bitcoin industry with a fake job offer and instead launched malicious phishing software, according to Secureworks, a U.S. cybersecurity firm.
Potential hackers are handpicked while in school and groomed at the elite Kim Chaek University of Technology or Kim Il Sung Military University. The number of hackers has grown to over 7,000, according to experts.
It was believed that hackers were operating from home or in China. However, according to the cybersecurity firm, Recorded Future, there is a significant North Korean presence as far away as Mozambique.
FireEye stated that 90 percent of the cybersecurity breaches came from Russia, Iran, China, and North Korea. According to CEO Kevin Mandia, the hackers are interesting to talk to and difficult to predict.
By Jeanette Smith
Straits Times: North Korea’s new front: Cyberheists
Image Courtesy of Zach Copley’s Flickr Page – Creative Commons License