North Korea’s “fast-developing tech abilities” could be helping it scale up its raids on financial sector targets like international crypto exchanges, say South Korean observers. Experts have spoken out after a report from the American armed forces concluded that several thousands of North Korean operatives are active worldwide, conducting hacks and raids on global crypto exchanges and other financial institutions.
Janet Cho, an IT journalist based in the South Korean capital, told Cryptonews.com that security experts based in the country have reported a “near-constant” flow of “spear-phishing attack attempts” they say originate from north of the Demilitarized Zone.
The South has repeatedly blamed Pyongyang for a series of hacks on Seoul-based crypto exchanges, including a 2018 raid on Bithumb.
Cho said,
“Crypto crime has become lucrative for those who can get away with it. And the North, with its fast-developing tech, web and crypto abilities, might have tapped into this. But gauging the scale of Pyongyang’s crypto-ambitions isn’t an easy task.”
Some say they are unsurprised by the reports – despite their alarming alleged scale.
Jo Do-heon, 73, a retired businessman based in South Korea, told Cryptonews.com,
“Underhand tactics like these have sadly become the norm for North Korea. In the South, we have become desensitized to reports like these. Nothing appears to be beyond this regime.”
In addition to the already-notorious Lazarus hacker group, which it blames for the WannaCry ransomware attacks of 2016-2017, the United States military says that it is aware of the existence of a group called Bluenoroff, which it says has “plus or minus 1,700” members.
The report’s author’s claim that Bluenoroff’s “mission is to conduct financial cybercrime by concentrating on long-term assessment and exploiting enemy network vulnerabilities. This group exploits the systems for financial gain for the regime or to take control of the system.”
Both Bluenoroff and Lazarus, says the American military, report to a secret North Korean military-run hacker unit known as Bureau 121. The unit has in excess of 3,000 members, claims the American army.
Operatives, it says, are active in nations all over the world including “Belarus, China, India, Malaysia and Russia.”
