North Korea pursues cryptocurrency exchanges in South Korea

This is a contributed piece by Priscilla Moriuchi, Director of Strategic Threat Development at Recorded Future

In his 2018 New Year’s speech, Kim Jong Un acknowledged that the international sanctions and pressure were having an impact on North Korea’s economy. He called the sanctions “vicious” and vowed to increase North Korea’s independence from the global financial system.

Likely in response to this increasing economic pressure, we have seen a wave of attacks targeting cryptocurrency exchanges and users since early 2017. This campaign continues a theme in the North’s cyber operations focusing on utilizing cryptocurrencies to generate revenue for the Kim regime, which ranges from mining to ransomware and outright theft.

The latest major operation discovered by Recorded Future was a spear phishing campaign launched in late 2017 which leveraged four different lures to trick victims into installing malware which exploited the popular word processing program Hangul Word Processor (.hwp file extension). Once deployed, the malware would steal information about the victim system and exfiltrate files.

Compute power from many organizations is being slyly diverted into cryptocurrency mining. Find out: Why cryptojacking is an overlooked security threat

To continue reading...


« Will the 'future of work' make employees more productive?


Peer networking: The importance for CIOs and other IT leaders »
IDG Connect

IDG Connect tackles the tech stories that matter to you

  • Mail