Reports have emerged that North Korean hackers are targeting cryptocurrency mining. This time, the aim of the hacking was not to steal data but to steal cryptocurrencies. In the last few years, cryptocurrencies have become a valuable asset, with coins like Bitcoin and Ethereum soaring in value. The attack appears to be state-sponsored, as Pyongyang looks for more creative ways to raise money in the midst of crippling UN-imposed international sanctions. North Korea has come under tough economic restrictions due to its nuclear weapons program. The country’s administration has remained bullish, however, looking for alternative ways to raise money to fund its goal of developing nuclear weapons.
Andariel, which is a hacking program, successfully hacked into the Monero blockchain. According to Kwak Kyoung-Ju, the leader of a hacking analysis team at South Korea’s Financial Security Institute, the malware was able to mine 70 XMR (Monero coins). Using the market value stated on CoinMarketCap, the value of 70 XMR is about $25,000. The Andariel malware was used to forcibly hijack one of the servers of a company in South Korea. The server was then used to mine the 70 XMR.
North Korea: A Litany of Suspected Hacking and Cyber Attacks
In recent years, there have been many high-profile cases of hacking and digital espionage that have been linked to North Korea. In 2016, the British and United States governments alleged that North Korea was responsible for the WannaCry cyber-attack. In Britain, the WannaCry ransomware crippled the NHS and led to severe service disruption in the British health system. Outside of Britain, the attack affected more than 150 countries, with as many as 300,000 computers being infected with the malware. The perpetrators of the attack demanded a ransom to be paid in Bitcoin.
The WannaCry attack was targeted at computers that were running outdated security programs on the Microsoft Windows OS. This led to calls for improvements in the security of Government networks across the globe. The malware encrypted the affected computers and the hackers demanded payment in Bitcoin to deliver the decryption key.
The WannaCry attack was just one of a number of suspected cyber-attacks allegedly orchestrated by North Korea. There were strong indications that the group “Guardians of Peace”, which claimed responsibility for the 2014 Sony hack, was indeed North Korean. Many experts point to the timing of the attack, which happened in close proximity to the release of the Sony film “The Interview.”
The Crypto Hacking Trend
The internet is replete with stories of hacks and malicious attacks against cryptocurrency establishments. With cryptocoins being incredibly valuable, they have become a veritable target for hackers. Cryptocurrency exchange platforms have suffered cyber-attacks in the form of hacking. Intruders have gained access to wallet information and have stolen cryptocoins worth millions of dollars. There are reports of bots that have been created to steal bandwidth from computers to be used for illicit mining operations. As a result, many owners of cryptocoins have begun to use cold storage options that safeguard their coins from online hacking.
Perhaps one of the most popular cryptocurrency hacking stories is that of the DAO. Hackers were able to take advantage of a programming flaw in the framework of the DAO (Decentralized Autonomous Organization) and steal Ether (a type of cryptocurrency). Such was the scale of this digital heist that it led to a fork (split) in the Ethereum network and a re-evaluation of blockchain security protocols. To this day, the funds stolen in the DAO hack have remained unrecovered. In fact, in many cases of digital hacking in the crypto world, the effects are largely permanent.
No Signs of Slowing Down
According to government sources in South Korea, there seems to be an increase in North Korea’s effort to hack cryptocurrencies. The Andariel malware is being developed by a splinter faction of the Lazarus Group, which is believed to be one of the largest and most dangerous hacking networks in North Korea. The emphasis of this new wave of alleged North Korean cyber-attacks is not on stealing data, as in the case of the WannaCry attack and the Sony hack. Instead, the focus has shifted considerably to stealing money.
While hacking is in itself a dangerous phenomenon, this new approach by these hackers puts not only governments at risk, but also private corporations. Whether these alleged North Korean hackers are carrying out a state-sponsored mandate or are being orchestrated by individuals looking to make money remains to be seen. What is sure is that, just as Kwak Kyoung-Ju says, Andariel is actively trying to hack anything that makes money. The complex nature of these attacks makes them a cause for worry and concern for all stakeholders in government and in the business world.