North Korea using hackers to raise revenue via crypto heists

2022-3-26 02:08

North Korea has been employing hackers to finance some state operations via “crypto heists”, according to a report by cybersecurity firm Mandiant.

“The country’s espionage operations are believed to be reflective of the regime’s immediate concerns and priorities, which is likely currently focused on acquiring financial resources through crypto heists, targeting of media, news, and political entities, information on foreign relations and nuclear information, and a slight decline in the once spiked stealing of COVID-19 vaccine research.”

The report details the country’s cyber operations and how they are structured within the Reconnaissance General Bureau, or RGB — North Korea’s intelligence agency akin to the CIA or MI-6. It also sheds light on the infamous hacker group “Lazarus” which has been operating out of North Korea since 2009.

According to the report, Lazarus is not a single group of hackers, rather an umbrella term reporters use to refer to numerous different state-backed hacker groups operating out of The Democratic Republic of North Korea. However, these different groups operate in different “sectors” and have unique responsibilities. One of the responsibilities is raising funds through the theft of cryptocurrencies.

Assessed cyber structure of DPRK cyber programs Latest cyber espionage activity

Hacker groups linked to Lazarus have recently been active and were exploiting a google Chrome vulnerability from early January 2022 until mid-February, when the exploit was patched out.

Google’s Threat Analysis Group, or TAG, said in a blog post on March 24th that North Korean state-backed attacker groups — tracked publicly as “Operation Dream Job” and “Operation AppleJeus” — had been exploiting a “remote code execution vulnerability in Chrome” since early January 2022 to conduct various hacks and phishing attacks. TAG’s Adam Weidemann said in the blogpost:

“We observed the campaigns targeting U.S.-based organizations spanning news media, IT, cryptocurrency, and fintech industries. However, other organizations and countries may have been targeted.”

The exploit allowed the hackers to send bogus job offers to people working in the aforementioned industries, which would then lead to spoofed versions of popular job-hunting websites like Indeed.com. The exploit kit and phishing are similar to those tracked in Operation Dream Job. Meanwhile, another hacker group has been targeting crypto firms and exchanges using the same exploit kit.

Google said that roughly 340 people had been targeted by hacker groups. It added that all identified websites and domains were added to its Safe Browsing service to protect users and it is continuing to monitor the situation.

Lazarus targeting financial services, crypto

Lazarus-linked hacker groups have been involved in various hacks on crypto firms and traditional banks for several years now. Some notable hacks include the 2016 Bangladesh Bank cyber heist and various crypto-related attacks in 2017.

The main hacker group focused on financial services attacks is APT38, which was behind the notorious SWIFT hack. It includes a subgroup called CryptoCore or “Open Password.”

Most of these hacks have been successful and it is estimated that hackers have raised over $400 million for North Korea. An investigation by the UN concluded that proceeds from these cyber heists have been used to fund the hermit country’s ballistic missile program.

The post North Korea using hackers to raise revenue via crypto heists appeared first on CryptoSlate.

Similar to Notcoin - Blum - Airdrops In 2024

origin »

Viacoin (VIA) на Currencies.ru

$ 0.248 (+1.13%)
Объем 24H $0
Изменеия 24h: 0.70 %, 7d: 3947.78 %
Cегодня L: $0.248 - H: $0.2527
Капитализация $0 Rank 7437
Цена в час новости $ 0.2072 (19.69%)

via north crypto heists korea hackers revenue

via north → Результатов: 30


National Bank of Egypt and LuLu International Exchange Connect Through RippleNet to Elevate Remittance Experience into Egypt

North Africa’s largest bank, National Bank of Egypt, joins RippleNet via LuLu International Exchange to process cross-border payments from the UAE to Egypt. The post National Bank of Egypt and LuLu International Exchange Connect Through RippleNet to Elevate Remittance Experience into Egypt appeared first on Ripple.

2021-5-20 09:00


Фото:

Notorious Hacker Group Lazarus Is Targeting The Cryptocurrency Industry Via LinkedIn – Warns Security Firm

Blockchain and cryptocurrency professionals on LinkedIn are under a new phishing threat that’s targeting them disguised as crypto-related job offers advertised on the platform. A new report by Finland-based Cyber Security Firm F-secure has linked the attack to one of the most infamous and allegedly State-backed North Korean hacking group, Lazarus, which targets organizations globally […]

2020-8-26 15:56


UN Accuses North Korea Of Laundering Money Via Hong Kong-based Blockchain Company

The sanctions committee of the United Nations has recently accused North Korea of using a blockchain firm in order to launder money overseas. According to the committee, an investigation was conducted and it was discovered that the country was using cryptos to evade sanctions imposed on it by the international community. Marine China, a blockchain […]

2019-11-7 23:00


Фото:

North Korean dissidents raise $14K with 100th ‘post-liberation visa’ on Ethereum blockchain

North Korean crypto-revolutionary crew Civil Cheollioma Defense (CCD) has issued its 100th “post-liberation blockchain visa” via the Ethereum blockchain. The group says it has been selling its tokenized visas (G-Visas) since Monday morning, after it claimed it necessary to delay sale for roughly 12 hours due to high demand.

2019-3-27 14:32