he North Korean government is currently facing a flurry of accusations related to cryptocurrency hacks, cryptojacking attacks, and money laundering. Its regime, which is currently reeling from sanctions imposed by the United States government, is believed to be backing cryptocurrency scams and hacks to obtain badly needed funds.
Cryptojacking in South Korea
According to the latest reports, the South Korean government is blaming the North Korean regime for launching a string of cyber attacks against the country.
Going by an audit carried out by the country’s National Intelligence Service, Pyongyang is using cryptojacking and hacking techniques to mine Monero using computers located in South Korea.
The country is apparently spreading links through social media and emails that send users to malicious websites prepped for cryptojacking attacks. North Korea’s cyber attack units are also accused of relentlessly probing South Korean networks and intelligence systems to obtain sensitive information.
Attacks on cryptocurrency platforms have been on the rise in the past two years, with sophisticated hacker groups specifically in China and Russia believed to be behind the schemes. According to a recent report released by the cybersecurity firm, Group-IB, Pyongyang also backs some of the most successful hacker syndicates on the planet, the most notable being the Lazarus hacker unit. In most cases, the syndicates target world financial institutions and cryptocurrency trading platforms.
With over a billion dollars worth of cryptocurrencies stolen from various platforms over the past two years, Lazarus was specifically responsible for siphoning off over $500 million worth of digital assets from exchange networks.
Cryptocurrency exchange platforms that have fallen victim to its schemes include Bithumb, Yapizon, YouBit, Coinis, and Coincheck. Such groups commonly use spear phishing for their exploits.
The Lazarus crypto hacking group has spread its operations across the world.
Pyongyang cyber units have also been involved in a spate of scam coin setups to illicitly obtain funds from unsuspecting investors. Among recent discoveries was a scam coin dubbed Marine Chain, which the state of Ontario declared as a fraud. Now defunct, it allowed for the tokenization of marine vessels.
Clients lured in by the scheme lost their investments on the platform, allegedly set up by enablers in Singapore. Its website was hosted on four different IP addresses on different occasions. Some users also noted striking similarities with another platform called shipowner.io.
North Korean scammers may also be behind another scam coin dubbed Stellar Holdings or HOLD. Unusual activity involving the HOLD altcoin was detected between the months of March and August. Experts started to notice significant data transfer volumes during this period. Several network nodes indicated significant activity, especially during June.
The team behind the coin reportedly generated interest and revenue at the beginning of the year through a technique called stacking. It involves allowing miners to mine the cryptocurrency and add to its value and growth momentum before giving them permission to trade. Participants generally take on significant risks while indulging in such schemes because trades and time-frames are limited by coin developers.
There is also the real risk that the coin will depreciate in value before miners can trade. In August, the HOLD coin was apparently rebranded to HUZU after being listed and delisted on several cryptocurrency platforms. The change reportedly led to major financial losses among its investors.