Asia

Pyongyang-Linked Hackers Attacked Cryptocurrency Exchanges in S Korea - Report

MOSCOW (Sputnik) - Hackers from the Lazarus Group, which is linked to Pyongyang, targeted South Korea's cryptocurrency exchanges at the end of the last year, before the two countries embarked on conciliatory talks, the report of Internet company Recorded Future said.
Sputnik

"North Korean government actors, specifically Lazarus Group, continued to target South Korean cryptocurrency exchanges and users in late 2017, before Kim Jong-un’s New Year’s speech and subsequent North-South dialogue," the report, published on Tuesday, said.

According to the report, the hacking campaign targeted not only cryptocurrency users, but also South Korean students with an interest in foreign affairs and belonging to a "Friends of MOFA" (Ministry of Foreign Affairs) group.

They Did It: White House Officially Accuses North Korea of #WannaCry
The analysts said the campaign likely began in the late fall 2017.

The report pointed to the similarity between the code used in the latest attacks and the one in Destover malware used for the attacks on Sony Pictures Entertainment in 2014 and WannaCry attack in February 2017.

READ MORE: Analyst Dismisses White House Claims Pyongyang Behind WannaCry

According to the analysts, the use of Chinese terms in the exploit implementation might be a false flag maneuver.

In mid-December, the South Korean intelligence agency said it obtained proof of Pyongyang's alleged complicity in the theft of personal data of about 30,000 users of the Bithumb cryptocurrency exchange.

Pyongyang has reportedly increased the number of its cyber attacks after the toughening of international sanctions aimed at suppressing its nuclear program. Britain's MI-6 accused last year cybercriminals of attacking the British National Health Service (NHS), effectively disrupting its work for almost a day.

Discuss