North Korea is on a dangerous crypto mission, says expert

Frightening military hacking programme - code-named Lazarus - is enticing talented young developers into a dark underworld where they are trained to steal crypto

Kim Jong-un’s North Korea has become an extremely dangerous cyber power on a mission to steal cryptocurrency throughout the world, warns a respected cybersecurity expert.

According to a Coin Rivet article for the Daily Express, the mysterious nation is hell-bent on snatching as much cryptocurrency as its army of hackers can lay their hands on in order to fund weapons programs and bypass worldwide sanctions against Pyongyang.

The chilling mission – codenamed ‘Lazarus’ – has already infiltrated banks and crypto assets in more than 150 countries, with at least $700m being stolen. Many millions more may have been taken by hackers whom authorities cannot trace back to the dictator’s crack team of coders.

Internationally renowned expert Gareth Niblett – owner and director of cybersecurity firm Blackarts – explained that his studies of the developing situation reveal that Pyongyang now considers cyberspace a military domain.

Stealing

“North Korea has been desperately trying to raise cash to combat international embargoes over recent years, and have resorted to stealing it since at least 2016,” he said.

“They go where the money is. It started with traditional banking systems around the world – Bank of Bangladesh and Banco de Chile for example and, more recently, moving to using malware to mine cryptocurrency.”

It is understood that the shadowy Reconnaissance General Bureau – North Korea’s equivalent of the CIA – is behind the Lazarus hacking programme. RGB officers are thought to handpick the country’s most talented young digital minds and send them to rigorous training camps where they are turned into highly-skilled hackers.

The youths are enticed with the promise of cash, better working conditions and even international travel where they are dispatched as spies in various countries around the world under the guise of being innocent IT executives working abroad.

Highly destructive

After completing their intensive training, Lazarus agents then hack cryptocurrency exchanges and spread highly destructive ransomware on other networks. Only recently, exchanges in Japan and South Korea were compromised by Kim Jong-un’s hackers, and many governments also point the finger at Pyongyang for the spread of the 2017 WannaCry virus.

The WannaCry ransomware attack hit millions of servers across the globe and, most notably, almost brought the UK’s National Health Service to its knees. More than 19,000 medical appointments had to be cancelled at a cost of £92m.

“North Korea is one of a number of growing global cyber powers building offensive cyber capabilities for military, intelligence, and economic aims,” warned Mr Niblett.

“Cyber is now considered as the fifth military domain, after land, sea, air, and space.”

The evidence against Kim Jong-un’s brutal regime is, he confirms, stacking up. But the solution is less than clear.

Sanctioned by the state

“It is evidently sanctioned and funded by the North Korean state,” he added.

“Hacking activities have been linked to military and education establishments, as well as front companies operating internationally.”

Mr Niblett stressed that, while plenty was being done to tackle the threat of North Korea’s increasingly sophisticated cyber attacks and hacks into cryptocurrency exchanges, many of the aggressive activities simply could not be prevented. He ruled out the prospect of more direct action, certainly for the immediate future.

“As well as international sanctions, which most countries have complied with, Western intelligence agencies will likely have mapped the North Korean network with a view to detecting or disrupting their activities, or destroying capabilities should the need arise,” he said.

“Any direct action has to be weighed against emerging nuclear capabilities, a military stand-off in the Korean peninsula, stability/predictability of the regime’s leadership, and ongoing US negotiations.

“For now, it’s likely that efforts will be more focussed on detecting, disrupting, and recovering from hacks, rather than overt attacks.”
