US based Security researcher FireEye claim that the rising price of Bitcoin in tandem with the increasing international sanctions imposed upon North Korea have lead the rogue country to seek Bitcoin hack attacks as an alternate, low cost way of helping finance the state.
FireEye make the claims in a report published Monday on their website, stating that they have been observing actors they believe to be North Korean of origin. These actors have begun directing their focus on banks and global financial systems, something, the FireEye researchers claim that is outside the traditional forms of cyber espionage they observe as being associated with the country. The report states,
With North Korea’s tight control of it’s military and intelligence capabilities It is likely that this activity was carried out to fund the state or personal coffers of Pyongyang’s elite, as international sanctions have constricted the Hermit Kingdom.
South Korean Bitcoin Exchange Attacks
South Korean Bitcoin exchanges have become the target of Spearphishing attacks. These attacks are distinguished from general phishing attacks by virtue of being specifically targeted against specific individuals and these attacks have been observed by FireEye since potentially April of this year – attacks which have targeted multiple exchanges.
The first in April affected 4 wallets on the Yapizon South Korean Bitcoin exchange, and a further three took place in May and July. The South Korean exchange “Yapizon” lost more than 3,800 Bitcoins and although no evidence been discovered to implicate North Korea in that attack, it is suggested by FireEye that the others were.
“North Korea’s Office 39 is involved in activities such as gold smuggling, counterfeiting foreign currency, and even operating restaurants,” alleges the report.
North Korea Suspected of Sony Hack
North Korea is increasingly being implicated as being behind a number of large scale and public hacking cases. Most notably North Korea was the prime suspect behind the Sony hack in 2014, which exposed emails including information regarding star salaries.
The hackers, who went under the moniker “Guardians of Peace”, demanded that the fictional comedy film “The Interview” dealing with the assassination of North Korean leader Kim Jong-Un be withdrawn from release. United States intelligence officials, after evaluating the software, techniques, and network sources used in the hack, alleged that the attack was sponsored by North Korea. North Korea has denied all responsibility.