Strong evidence is emerging that an elite team of hackers operating out of Pyongyang are stealing Bitcoin. It’s thought that the totalitarian nation is hoping to negate the effect of recent global trade embargos levied against them. As the UN sanctions tighten around the rogue state, it seems North Korea is turning to cybercrime to keep their economy buoyant.
The restrictions which followed the nation’s nuclear arms flex on September 3rd, 2017 will substantially hinder Kim Jong-un’s government’s ability to legally import gas and oil from China. However, Bitcoin is much easier to dodge sanctions with than traditional currency. The uniquely distributed payment system therefore opens a world of black market opportunities for those wishing to stay beneath the radar.
Whilst suspicion has been growing for some time, new research conducted by cybersecurity firm FireEye highlights a surge in spear-phishing attacks conducted against exchanges below the North/South divide. Luke McNamara of FireEye states:
“”It should be no surprise that cryptocurrencies, as an emerging asset class, are becoming a target of interest by a regime that operates in many ways like a criminal enterprise.”
Yuji Nakamura, and Sam Kim, report that FireEye have been able to trace hacks of multiple South Korean Bitcoin and Ethereum exchanges back to North Korean operators. Bithumb was one such target that back in May had its security compromised, costing $15 million and the sensitive details of many of their customers.
The allegations of spearfishing are just the latest example highlighting North Korea’s willingness to disregard any sort of international protocol. The nation is widely suspected of conducting various forms of illicit economic activity to aid their failing economy. In fact, it’s estimated that they’re able to bring $1bn into their coffers annually through such questionable practices. These include counterfeiting US dollars, producing narcotics, and smuggling gold.
As an executive, Kim Jong-un is no stranger to cybercrime either. From 2015 to 2016, several heists targeting the SWIFT global financial messaging service took place. The revenue generated is estimated to be well into the millions. Cybercrime experts attribute the acts to a ring known as the Lazarus Group who have later been linked with North Korea. It is unclear whether they’re a collective hired by Kim Jong-un’s government, or a secretive part of the state itself. McNamara notes the existence of a government agency known informally as Office 39, claiming them to be integral to the state’s ability to draw revenue and resources through black market means.
Whilst irrational to blame a tool for the actions of the craftsman, it’s likely that those Powers imposing sanctions on North Korea will take a dim view of the cryptocurrency thanks to North Korea’s cybercriminal activities. This would not be desirable for the asset’s proponents who are ever-striving for greater global acceptance.