North Korean Hackers Attacking on Individuals After Exchanges Boost Cybersecurity
In a South China Morning Post dated November 29, North Korean hackers are believed to be behind the over thirty attacks on crypto holding individuals, as detected by Cuvepia, a cybersecurity firm.
The CEO, Kwon Seok-Chul of Cuvepia, which is a South Korean cybersecurity company, asserted that the hackers are targeting "simple wallet users who have invested in cryptocurrency". He also claimed that there is a possibility of multiple undetected attacks and the number could be over a hundred. According to the article, "the targeting of individuals holding virtual currencies such as Bitcoin (BTC) marks a departure from its previous methods."
As earlier reported by Cointelegraph, two cryptocurrency scams were sponsored by the North Koreans. The first one was called the Interstellar coin, and was founded by Insikt Group in June 2018; the second one was reportedly called the Marine Chain coin, which was detected in a "couple of Bitcoin forums" in August 2018.
As opined by Simon Choi, the founder of a cyber warfare research company, IssueMakersLab, the shift towards attacking individuals is a consequence of the enhancement of cybersecurity by exchanges and financial institutions: "Direct attacks on exchanges have become harder, so hackers are thinking about alternatively going after individual users with weak security."
Choi also added that the "CEOs of wealthy firms and heads of institutions" are more vulnerable targets for these hackers as they believe that then "they can take advantage of billions of won in virtual currencies."
Luke McNamara, an analyst at cybersecurity company FireEye, reasoned: "it's possible from previous intrusions they've been able to collect information" about "people using these [cryptocurrency] exchanges."
they can take advantage of billions of won in virtual currencies.
McNamara further explained that the hackers become more efficient "when they understand and know the targets" and thus "are able to craft lures specific to those organizations or entities." He concluded by saying that this makes them "effective at what they are doing."
As earlier reported by Cointelegraph, Kaspersky Labs states that North Korean hacker collective Lazarus Group used the "first" macOS malware to hack a crypto exchange. As put forward by a lot of experts, North Korea incrementally uses cryptocurrencies to avoid US sanctions.