North Korean crypto theft will set a new record in 2022

According to a presently secret United Nations study reported on by Reuters on Monday, North Korea targeted the networks of multinational aerospace and defense corporations and stole more bitcoin assets in 2022 than any previous year.

Independent sanctions monitors revealed to a U.N. Security Council committee that:

(North Korea) employed increasingly sophisticated cyber tactics both to acquire access to digital networks involved in cyber financing, and to steal information of potential value, including to its weapons programs.

North Korea has been charged by the monitors of employing cyberattacks to support the funding of its nuclear and missile programs.

The monitors, citing data from U.N. member states and cybersecurity firms, stated in their report, which was given to the 15-member council’s North Korea sanctions committee on Friday,

A bigger worth of cryptocurrency assets was taken by DPRK agents in 2022 than in any prior year.

Prior to this, North Korea has refuted claims of hacking or other cyberattacks.

A cybersecurity company calculated that North Korean cybercrime produced digital currencies worth more than $1 billion, while South Korea believed that hackers with North Korean ties stole virtual assets worth $630 million in 2022, according to the sanctions monitors.

Both estimations indicate that 2022 was a record-breaking year for DPRK (North Korea) virtual asset theft, according to the U.N. report. “The volatility in USD value of cryptocurrency in recent months is likely to have affected these figures,” it stated.

The identical conclusion was obtained last week by an American blockchain analytics company.

The U.N. study stated:

The methods employed by cyberthreat actors have advanced, making it more challenging to track stolen funds.

According to diplomats, the public release of the study is scheduled for later this month or early next month.

Extortion

According to the observers, the Reconnaissance General Bureau, which is North Korea’s main intelligence agency, controls the majority of the cyberattacks. The cybersecurity sector was claimed to have been keeping an eye on these groups, which included the hacker teams known as Lazarus Group, Andariel, and Kimsuky.

The U.N. assessment states that:

These actors continued to unlawfully target victims to generate income and collect information valuable to the DPRK especially its weapons programs.

The sanctions monitors claimed that the organizations used a variety of tactics, including phishing, to distribute malware. One such effort addressed workers in businesses in several nations.

Initial connections with targets were made using LinkedIn, and when a certain amount of confidence had been built, malware payloads were distributed through ongoing WhatsApp discussions, according to the U.N. report.

Additionally, it stated that HOlyGhOst, a North Korean-affiliated gang, had “extorted ransoms from small- and medium-sized firms in various countries by disseminating ransomware in a widespread, financially motivated campaign,” according to a cybersecurity firm.

The U.N. sanctions monitors concluded in 2019 that North Korea has used extensive and increasingly sophisticated cyberattacks over several years to produce an estimated $2 billion for its weapons of mass destruction programs.

Beating Sanctions

The monitors added that Pyongyang continued to develop nuclear fissile material at its facilities and fired out at least 73 ballistic missiles, including eight intercontinental ballistic missiles, in their most recent annual report.

North Korea is prepared to conduct its seventh nuclear test, the US has long warned.

The Security Council has long prohibited North Korea from conducting nuclear testing and ballistic missile launches. It has been under U.N. sanctions since 2006, which have been reinforced every time by the Security Council to specifically target Pyongyang’s nuclear and ballistic missile programs.

However, the monitors claimed that North Korea has kept up its illicit coal shipments and refined petroleum purchases in order to get under the sanctions. They added that they have opened an investigation into claims that North Korea is exporting weapons.

The Russian mercenary firm Wagner Group has been charged by the US for acquiring weapons from North Korea to support Russian forces in Ukraine. The accusation has been dismissed by North Korea as unfounded, and Yevgeny Prigozhin, the owner of Wagner, has denied obtaining weapons from the country.

China and Russia blocked a U.S.-led effort to penalize North Korea further at the United Nations last May. Included in this was a suggestion to freeze the Lazarus hacking group’s assets.

The Lazarus group has been charged with participating in the 2014 cyberattacks on Sony Pictures Entertainment, the “WannaCry” ransomware attacks, and the hacking of multinational banks and customer accounts.

In April, the United States asserted that North Korean hackers were responsible for the loss of hundreds of millions of dollars’ worth of bitcoin linked to the well-known online game Axie Infinity. According to Ronin, a blockchain network that enables players to transfer cryptocurrency in and out of games, on March 20, 2022, digital currency worth about $615 million was stolen.

Related

• North Korea Is Targeting Crypto Hodlings – Are Your Funds Safe?
• The financing of North Korea’s nuclear development comes from digital currency theft
• North Korean hackers target Japanese-based cryptocurrency exchanges