North Korean hackers are suspected to be behind the attacks on cryptocurrency exchanges this year who have netted millions in the virtual currency, claims South Korea’s chief intelligence agency.
The widespread malware campaign targeting cryptocurrency users is believed to be carried out by the “Lazarus Group,” a state-sponsored hacking group linked to the North Korean government. According to researchers, this group has been involved in some notable crimes, such as the 2014 Sony Pictures hack, an $81 million Bangladesh cyber theft in 2016 and the worldwide WannaCry ransomware attacks in May this year.
Citing the country’s National Intelligence Service (NIS), South Korea’s Chosun Ilbo reported that the cyberattacks credited to North Korean hackers also included the leaking of personal information from 36,000 accounts from South Korea’s biggest and one of the top five cryptocurrency exchange in the world, Bithumb, in June.
It also cited the NIS saying that the hackers had also demanded a ransom of 6 billion won ($5.5 million) in exchange for destroying the leaked personal information. Additionally, around 7.6 billion won ($6.99 million) worth of cryptocurrencies were also stolen at that time.
Attacks also included the theft of cryptocurrencies from accounts at exchanges Yapizon, now called Youbit, and Coinis in April and September.
In October, another cyberattack on about 10 cryptocurrency exchanges was carried out by North Korean hackers using e-mails containing malware that used North Korean internet addresses, which was thwarted by the Korea Internet Security Agency (KISA), Chosun Ilbo cited the NIS.
According to the NIS, the malware used to hack the cryptocurrency exchanges was similar to the hacks carried out on Sony Pictures and Bank of Bangladesh in 2014 and 2016 respectively.