North Korea is suspected to be stepping up efforts to secure Bitcoin (Bitcoin) and other cryptocurrencies, which could be used to avoid trade restrictions, Forbes reported soon after new sanctions against the country were approved by the United Nations Security Council.
А new report from security firm FireEye notes that North Korean actors have unleashed cyberattacks on no fewer than three South Korean cryptocurrency exchanges since May 2017, with the suspected goal of stealing funds, one of which was successful.
In April, roughly $5.3 million in bitcoin was reported stolen from Yapizon, a prominent South Korean exchange.
In July, news outlets revealed that “billions” of Korean won had been stolen from Bithumb, one of South Korea’s largest exchanges.
And most researchers believe the WannaCry ransomware attack, which affected computers at major companies and public institutions worldwide in May, was carried out by North Korea.
FireEye suspects North Korean actors emailed documents that appeared to be related to South Korea’s tax deadline to some of South Korea’s cryptocurrency organizations, in an attempt to breach security and steal bitcoin.
The authors of the report identified the malware, known as PEACHPIT, and provided examples of documents it was attached to.
“We definitely see sanctions being a big lever driving this sort of activity,” said Luke McNamara, a researcher at FireEye and author of the new report. “They probably see it as a very low-cost solution to bring in hard cash.”