How North Korea Used Crypto to Hack Its Way Through the Pandemic
“You are mistaken if you think they will have moral compunction for attacking somebody else’s network,” Jang Se-iul, a graduate of Mirim College who served as an officer in the North Korean military before defecting to South Korea in 2008, said in an interview. “To them, cyberspace is a battlefield and they are fighting enemies out there hurting their country.”
Mr. Jang said North Korea first began building its electronic warfare capability for defensive purposes, but soon realized that it could be an effective offensive weapon against its digital enemies.
Around the time Mr. Jang arrived in Seoul, websites in South Korea and the United States were under a wave of cyber attacks. Going by names like Lazarus, Kimsuky and BeagleBoyz, North Korean hackers used increasingly sophisticated tools to infiltrate military, government, corporate and defense-industry networks around the world to conduct cyberespionage and steal sensitive data to aid its weapons development.
“Make no mistake, DPRK hackers are really good,” said Eric Penton-Voak, a coordinator at the U.N. panel of experts, during a webinar in April, using the acronym of North Korea’s official name, the Democratic People’s Republic of Korea. “They look at really interesting and very gray, new areas of cryptocurrency because actually, A, no one really understands them, and B, they can exploit weakness.”
Usually, North Korean hackers breach foreign crypto wallets through phishing attacks, luring victims with fake LinkedIn recruiting pages or other bait, according to Chainaysis. Then the hackers use a complex set of financial instruments to transfer the stolen funds, moving the loot through cryptocurrency “mixers” that combine multiple streams of digital assets, making it harder to track the movement of one particular batch of cryptocurrency.
“They’re very methodical in how they launder them,” said Erin Plante, senior director of investigations for Chainalysis. “They’re very methodical in small amounts moving over long periods of time to ultimately try to evade investigators.”
