The recent hacking of a cryptocurrency exchanges is allegedly believed to come from North Korean hackers. The hacking of South Korean exchange Youbit (not to be confused with YOBit, which is still operating normally) resulted in 17% of their assets being stolen. They did not specify the total worth but back in April they were hacked for about 72 million dollars worth of Bitcoin. Youbit Exchange has shut down and filed for bankruptcy.
Cryptocurrency exchanges from South Korea, which account to up to 30% of world bitcoin trading, appear to be the main target of the hackers. South Korea’s largest exchange Bithumb was hacked last July for over 1.2 billion won.
CrowdStrike CEO George Kurtz has told mainstream media that North Korea is “absolutely” stockpiling Bitcoin to launch cyber attacks.
“They’re building a cache of Bitcoin, if you think about it. It’s an anonymous currency, it can easily bypass any sort of sanctions because there are none on Bitcoin, and the value has increased dramatically,” Kurtz continued.
There are even known North Korean criminal groups like the Lazarus Group who have been traced back to large hacks in the past. The Lazarus Group is a prolific cyber criminal gang with links to North Korea and have been known to target employees of cryptocurrency firms in a bid to steal bitcoin. The attacks have tried to trick workers into compromising their computers by including a seemingly innocuous Word file that claims they need to enable editing to see the document. If they fell prey, it installed a rogue macro that quietly loaded a PC-hijacking trojan while staffers were busy looking at the bogus document.
Researchers note that North Korea has shown active interest in Bitcoin since at least 2013, with usernames and IP addresses in North Korea regularly linked to research into the cryptocurrency, as well as to criminal and espionage campaigns to acquire it.