North Korean hackers may be taking advantage of bitcoin bubble

18 Dec 2017

Image: Parilov/Shutterstock

North Korean hackers are being accused of instigating a campaign to target bitcoin’s biggest players as the cryptocurrency bubble continues to expand.

As with any must-have digital good, bitcoin and its meteoric rise has encouraged a legion of hackers to jump on the trend with the hopes of catching people out both financially and through their personal data.

This is true of a band of North Korean hackers known as the Lazarus Group, which been accused of targeting executives of cryptocurrency companies with phishing attacks.

According to ZDNet, security research firm Secureworks identified emails sent to at least one cryptocurrency company based in London. Staff were sent an email advertising a chief financial officer position that contained an infected Microsoft Word document. Once the document is opened, it then unleashes the malware on the victim’s computer, giving the hacker access to the device.

So far, the malware hasn’t affected any of its cryptocurrency targets, partly due to the security-centric knowledge of the targeted company and its employees.

“Our inference based on previous activity is that this is the goal of the attack, particularly in light of recent reporting from other sources that North Korea has an increased focus on bitcoin and obtaining bitcoin,” said Rafe Pilling, a senior security researcher at Secureworks.

$7m stolen from South Korean exchange

However, the insular nation is also accused of conducting bitcoin-related hacks on its longstanding enemy, South Korea.

According to the BBC, a South Korean bitcoin exchange has had $7m stolen as part of a major hack, which the country’s intelligence agency believes originated from North Korea.

The Bithumb exchange is one of the largest traders in bitcoin and Ethereum-based cryptocurrencies, not just in South Korea, but also the world.

It is estimated that 30,000 users of the exchange were affected by the hack, and security researchers believe that North Korean hackers are likely to continue targeting cryptocurrencies. The South Korean intelligence agency claims that, given the skyrocketing price of bitcoin right now, North Korea could stand to gain financially as it currently struggles under a number of sanctions.

It also accused North Korean hackers of being behind the breach of another cryptocurrency exchange, Coinis, in September.

Colm Gorey was a senior journalist with Silicon Republic