According to U.S. accusations, the involvement of North Korean hackers in the crypto space has come to light on numerous occasions. However, instead of blaming Korean hacking groups for several fraudulent practices, U.S. authorities have officially held the North Korean government accountable for playing the main role behind the cyberattacks.
The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) revealed that North Korea sponsored cyber hacking groups. While sanctioning three primary hacking groups, the Treasury stated in its press release:
Today’s actions identify North Korean hacking groups commonly known within the global cyber security private industry as “Lazarus Group,” “Bluenoroff,” and “Andariel” as agencies, instrumentalities, or controlled entities of the Government of North Korea…
Treasury Under Secretary for Terrorism and Financial Intelligence, Sigal Mandelker, elaborated that Korean hackers intended to raise funds to support illicit weapons and missile programs. After concluding that the Reconnaissance General Bureau (RGB), North Korea’s primary intelligence bureau, supervised and controlled all the cyberattacks, OFAC imposed severe regulations. Mandelker, justifying the sanctions against North Korea, said:
We will continue to enforce existing U.S. and UN sanctions against North Korea and work with the international community to improve cybersecurity of financial networks.
The press release explained the activities of all the hacking groups mentioned above, starting with Lazarus Group. It suggested that Lazarus was created in 2007 to target the government, military, media, financial, manufacturing and entertainment sectors. The group used data theft, monetary heists, cyber espionage, and destructive malware operations to target institutions.
Apart from unveiling the practices of Lazarus Group, the press release also shed light on its two subgroups, Bluenoroff and Andariel. Bluenoroff came to the attention of cybersecurity firms just a few years ago. The subgroup was accused of generating revenue for the Korean government by conducting malicious cyber activity against foreign financial institutions.
Andariel, on the other hand, targeted foreign businesses, financial services infrastructure, governments, the defense industry, etc. According to cybersecurity firms, Andariel tried to steal users' banking credentials in 2015. The subgroup also engaged in hacking ATMs and online poker and gambling sites to generate money.
Lazarus, along with its subgroups, was involved in generating money via illegal means for the government of North Korea. Looking at their activities over a span of a few years, the press release also mentions information about several affected countries and the money generated.
Lazarus Group’s WannaCry 2.0 ransomware attack created problems for about 150 countries and 300,000 computers. Impacting health care services in the United Kingdom, WannaCry 2.0 caused the cancellation of appointments of about 19,000 patients.
Bluenoroff, while attempting to bag as much as $1.1 billion, was able to successfully outsmart banks located in Pakistan, Bangladesh, India, Turkey, Mexico, South Korea, Taiwan, Chile, Philippines and Vietnam. Besides successful operations in almost 11 countries and 16 organizations, Bluenoroff and Lazarus aimed to obtain approximately $80 million. Regarding all the hacking groups, the press release reported:
According to industry and press reporting, these three state-sponsored hacking groups likely stole around $571 million in cryptocurrency alone, from five exchanges in Asia between January 2017 and September 2018.
Previously, a U.N. report also accused Korea of participating in several hacking activities. To fund various weapon programs, the country was said to have carried out a plethora of cyberattacks. According to the report, North Korea was able to produce multiple streams of revenue, gathering $2 billion.
As technology advances, the techniques used by hackers and scammers are becoming more advanced as well. This explains why cryptocurrency malware and cryptojacking are on an exponential rise. Although the U.S. government is trying to cope with the situation, mass crypto adoption is substantially hindered by illegal practices that take place every now and then. While talking to BlockPublisher, Jimmy Nguyen, the President of the Bitcoin Association, added:
News of scams and fraud committed with Bitcoin and other cryptocurrencies undermines the ability to achieve mainstream adoption. It also scares away institutional investors and provokes scrutiny from government agencies. For consumers, big businesses and governments to get more comfortable using cryptocurrency, they need to feel it is safer.
As experts debate the issue of North Korea’s involvement in cyberattacks, it remains to be seen how effective the U.S. government's measures will be in overcoming the damage and preventing such attacks in the future.