North Korea attackers target South Korean cryptocurrency exchanges
US cybersecurity firm has just released reports that link the hacking of main cryptocurrencies, Bitcoin and Ethereum, to Lazarus, a North Korean hacking group. These hacking attempts and security breaches from North Korea have reportedly happened to South Korean cryptocurrency exchanges.
In February 2017, Bithumb, the second largest cryptocurrency exchange suffered a loss of $7mln due to a security breach that affected mostly Bitcoin and Ethereum.
One of the methods employed by Lazarus Group was the distribution of Hangul Word Processors (HWP) files through e-mail. This is equivalent to Microsoft Word, with malware attached. Once a cryptocurrency user downloads the malware it effectively takes control and manipulates data automatically.
There is also enough evidence to link another South Korean exchange, Youbit and it’s bankruptcy with a North Korean hacker attack.
“This an adversary that we have been watching become increasingly capable and also brazen in terms of the targets that they are willing to go after. This is really just one prong in a larger strategy that they seem to be employing since at least 2016, where they have been using capability that has been primarily used for espionage to actually steal funds.”