I think that is potentially very destabilizing for the geopolitical realm, and very, very dangerous."

A graph showing both the number and value of North Korean cryptocurrency platform hacks tracked by Chainalysis since 2017.

Experts SearchSecurity spoke with generally described North Korea as having a sophisticated offensive cyberoperation.

Aaron Arnold, a senior associate fellow at U.K.

"But what they uniquely realized was that they could, by building a cybercriminal organization, fight on a digital battlefield with some of the world's superpowers.

"This is a tiny, tiny country with absolutely no economy, and is not a player on the global stage at all from an economic standpoint," he said.

Not all of its activity is financially motivated - the Lazarus Group was responsible for the infamous 2014 Sony Pictures hack - but government funding via cybercrime is generally unique to the DPRK.

Ari Redbord, head of legal and government affairs at blockchain fraud intelligence vendor TRM Labs, referred to North Korea as an "extraordinary case."

Both exist as part of the DPRK's Reconnaissance General Bureau - responsible for the state's covert military and intelligence operations.

The Lazarus Group, meanwhile, was behind the WannaCry attacks in mid-2017.

The group was responsible for the SWIFT banking transaction system attacks in 2018 that resulted in $100 million stolen and many other attacks.

The aforementioned APT38 is a financially motivated actor that has been tracked by researchers since at least 2014.

But while Iranian state hackers have conducted ransomware attacks and cryptocurrency mining and Russia is understood to utilize private ransomware gangs in some capacity, North Korea is the only major adversary that incorporates financial cybercrime into its offensive activities as a primary goal.
Despite its size, the country's enormous military and cybersecurity investments have made it one of the United States' "big four" nation-state adversaries along with Russia, Iran and China.

CrowdStrike senior vice president of intelligence Adam Meyers told SearchSecurity last year that overwhelmingly, the goal of nation-state activity is to collect information.

North Korea is a small, insular nation with an estimated population of 25 million people.

Axie Infinity artwork showcasing its virtual pet characters.

The reason for these attacks, based on conversations with experts on both cryptocurrency and North Korea, appears to be a combination of opportunity and a highly adaptive offensive cyberoperation.

The North Korean government also has a lengthy history with financially motivated cybercrime.

But the Axie Infinity hack represents an enormous theft on behalf of Kim Jong Un's regime, and acts as the latest in a long line of big-game heists against cryptocurrency platforms.

Blockchain analytics firm Chainalysis reported that last year the country stole nearly $400 million in at least seven attacks against cryptocurrency platforms.

The Axie Infinity heist is not the first cryptocurrency heist for the Democratic People's Republic of Korea (DPRK).

Three weeks after the initial attack and two weeks after it was disclosed, the FBI formally attributed the attack to the Lazarus Group and APT38, nation-state threat groups tied to the North Korean government.

Hackers stole 173,600 Ethereum and 25.5 million USD Coin, worth approximately $620 million at the time (and about $375 million as of this writing).

The breach occurred when attackers gained control of a series of validator nodes attached to Axie Infinity to conduct fake withdrawals.