The use of cryptography by obscure interests is an inescapable reality that must be met with criteria, infrastructure and especially, adequate regulatory frameworks that take care of the balance between innovation and security. But when it comes to regimes of countries whose action is questionable, things are even more complicated, as in the case of North Korea.
According to the cybersecurity firm Inksit Group, hackers funded by the state of North Korea have been attacking cryptographic targets of South Korea as cryptocurrency exchanges, to circumvent the various sanctions imposed on the regime of that country.
It was also learned that the North Korean regime has been implementing ICO’s campaigns through various projects as a strategy to elude Western sanctions. As early as 2018 both Inksit Group and Recorded Future, another cybersecurity firm, publicly stated that the North Korean regime was behind several high-profile security attacks on South Korean cryptocurrency exchange sites.
More specifically, Inksit Group stated that the same malware used in the piracy attack on Sony Pictures was used to violate Coinlink, a South Korean cryptocurrency exchange. At that time Inksit Group warned that Lazarus Group, a kind of organization focused on cyber attacks and sponsored by the North Korean regime, participated in the cyber attack on Bithumb.
However, the attacks of the North Korean regime are still very active, and they are targeting South Korean crypto exchange sites. The imperative need of North Korea to avoid international sanctions has led them to devise mechanisms to survive, and cryptography has been the most suitable way.
The South Korean authorities are quite aware of what is happening and several government agencies in that Asian country have required that the digital asset trading platforms be reinforced in the implementation of solid security measures to prevent computer attacks and also to obtain insurance to protect users’ funds at all times.
The cybersecurity firm also stated that North Korea led a fraudulent ICO project called Marine Chain. But it was not the only walk of that type. They also discovered that a network of “enablers” from North Korea in Singapore launched several ICO scams, including the HOLD one.
They have also distributed files of the Hangul word processor (HWP), which are equivalent to Microsoft Word documents, in South Korea in order to sabotage employees of cryptocurrency exchanges in that country.
Bithumb, one of the largest cryptocurrency exchanges in South Korea, was attacked a few months ago in a way identical to the attack suffered in 2017. Things tend to get complicated and preventive actions are still slow to apply.