North Korea attackers target South Korean cryptocurrency exchanges

North Korea attackers target South Korean cryptocurrency exchanges

US cybersecurity firm has just released reports that link the hacking of main cryptocurrencies, Bitcoin and Ethereum, to Lazarus, a North Korean hacking group. These hacking attempts and security breaches from North Korea have reportedly happened to South Korean cryptocurrency exchanges.

In February 2017, Bithumb, the second largest cryptocurrency exchange suffered a loss of $7mln due to a security breach that affected mostly Bitcoin and Ethereum.

In a report released by US researchers, titled “ North Korea Targets South Korean cryptocurrency Users and Exchange in Late 2017 campaign” the researches stated that the same type of malware used in the famous Sony pictures hack by North Koreas hacking group Lazarus has been used in attacking the crypto world.

One of the methods employed by Lazarus Group was the distribution of Hangul Word Processors (HWP) files through e-mail. This is equivalent to Microsoft Word, with malware attached. Once a cryptocurrency user downloads the malware it effectively takes control and manipulates data automatically.


There is also enough evidence to link another South Korean exchange, Youbit and it’s bankruptcy with a North Korean hacker attack.

Fireeye senior analyst “Luke Mcnamara” reported the following:

“This an adversary that we have been watching become increasingly capable and also brazen in terms of the targets that they are willing to go after. This is really just one prong in a larger strategy that they seem to be employing since at least 2016, where they have been using capability that has been primarily used for espionage to actually steal funds.”