North Korea Uses Hacking Groups to Steal Crypto Assets

A global cybersecurity firm reports the North Korean regime is filling its coffers with cash from government-sponsored hacking groups who perform crypto thefts.

Mandiant, the Virginia-based company with offices worldwide that works with law enforcement to fight cybercrime, recently wrote on its blog that the isolated country has shifted its focus from pilfering COVID-19 vaccine research to stealing digital assets.

The blog said the nation is targeting financial institutions (FIs) and crypto companies.

“Over time, we began to see this organization shift from strictly COVID-19 efforts to the targeting of defectors, defense and governments, bloggers, media, cryptocurrency services and financial institutions,” Mandiant wrote.

North Korea is likely using the stolen cash to fund vaccines and weapons and to bypass sanctions placed on it by countries around the world.

“Information collected in these campaigns will possibly be used to develop or produce internal items and strategies, such as vaccines, mitigations to bypass sanctions, funding for the country’s weapons programs, and so on,” Mandiant said.

The country supports the Lazarus Group, a cybercrime enterprise made up of an unknown number of individuals run by the North Korean government, the blog said.

The Reconnaissance General Bureau (RGB), North Korea’s foreign intelligence service responsible for clandestine operations, is responsible for the country’s criminal cyber operations, including espionage, destructive operations, and financial crimes, the report revealed.

North Korean hackers stole nearly $400 million in cryptocurrencies across at least seven cyberattacks that targeted investment firms and centralized exchanges, according to a Chainalysis report. In 2017, bitcoin comprised just about all crypto stolen by North Korean hackers.

Fraudsters used phishing lures, code exploits, malware and advanced social engineering to funnel the funds from connected “hot” wallets into addresses controlled by the Democratic People’s Republic of Korea (DPRK). The monies were then laundered and cashed out.