Tag: cyber attack

‘Nobody is holding them back’ — North Korean cyber-attack threat rises

North Korea-backed cyberattacks on crypto and tech firms will only become more sophisticated over time as the country battles prolonged economic sanctions and resource shortages.

Former CIA analyst Soo Kim told CNN on July 10 that the process of generating overseas crypto income for the regime has now become a “way of life” for the North Koreans. “In light of the challenges that the regime is facing — food shortages, fewer countries willing to engage with North Korea […] this is just going to be something that they will continue to use because nobody is holding them back, essentially.”

She also added that it is likely that their crypto attacking “tradecraft” will only improve from here on. “Even though the tradecraft is not perfect right now, in terms of their ways of approaching foreigners and preying upon their vulnerabilities, it’s still a fresh market for North Korea,” said Kim.

The RAND Corporation policy analyst made the comments almost two months after the release of a joint advisory from the United States government about the infiltration of North Korean operatives across freelance tech jobs — posing risks of intellectual property, data, and funds theft that could be used to violate sanctions.

Former FBI intelligence analyst Nick Carlsen told CNN that DPRK operatives embedded in these firms would not only earn income used to skirt sanctions but they could also potentially identify vulnerabilities in certain client systems that their hacker comrades could take advantage of.

“Any vulnerability they might identify in a client’s systems would be at grave risk,” explained Carlsen.

Related: Crypto market crash wipes out millions from North Korea’s stolen crypto funds

In a lengthy Twitter expose about North Korean hackers, The Defi Edge noted that these crypto attacks typically target bridges, focus on companies based in Asia, and often begin by targeting unsuspecting employees.

What the Crypto Hacks Have in Common
• They tend to target bridges in Crypto
• They tend to focus on companies based in Asia, maybe because of language
• Most of the exploits start with social engineering by targeting unsuspecting employees, and getting them to open a file.
— Edgy (@thedefiedge) July 7, 2022

The country has been identified as being allegedly behind some of the largest cyberattacks in recent crypto history, including the $620 million hack of Axie Infinity and the $100 million hack of the Harmony protocol.

A report from Coinclub on June 29 estimated there are as many as 7,000 full-time hackers in North Korea working to raise funds through cyberattacks, ransomware, and crypto-protocol hacks.


North Korean hackers stole $400M in 2021, mostly ETH: Chainalysis

North Korean crypto hackers siphoned off nearly $400 million in crypto through cyber attacks in 2021, according to new data from Chainalysis.

The type of crypto stolen has also seen a sea change, according to the Jan. 13 report from the blockchain analytics firm. In 2017, BTC accounted for nearly all the crypto stolen by the DPRK, but it now accounts for just one fifth:

“In 2021, only 20% of the stolen funds were Bitcoin, whereas 22% were either ERC-20 tokens or altcoins. And for the first time ever, Ether accounted for a majority of the funds stolen at 58%.”

The report stated that attacks in 2021 from North Korea (DPRK) primarily targeted “investment firms and centralized exchanges, and made use of phishing lures, code exploits, malware, and advanced social engineering” to maliciously acquire the funds. Stolen cryptocurrency is believed to be used by the DPRK to evade economic sanctions and to help fund nuclear weapons and ballistic missile programs, according to a UN Security Council report.

The threat that the DPRK presents to global crypto platforms has become ever-present. Chainalysis now refers to hackers from the Hermit Kingdom, such as Lazarus Group, as advanced persistent threats (APT). These threats have been on the increase over the past three years, following the all-time high of over $500 million in crypto stolen in 2018.

Chainalysis reported that the funds were meticulously laundered. Methods include chain hopping and the ‘Peel Chain’ method, and more recently the hackers have employed a complicated system of coin swaps and mixing.

Related: LCX loses $6.8M in a hot wallet compromise over Ethereum blockchain

Mixers were used on over 65% of the funds stolen in 2021, which is a 3-fold increase since 2019. A mixer is a software-based privacy system that allows users to hide the source and destination of the coins they send.

Decentralized exchanges (DEX) are increasingly preferred by hackers since they are permissionless and have ample liquidity for coins to be swapped at the user’s will.

Chainalysis used the Aug. 19, 2021 hack at Liquid.com, in which $91 million in crypto was stolen, as an example of the typical way in which DPRK hackers launder funds. They first swapped ERC-20 coins for Ether (ETH) at decentralized exchanges. Then the ETH was sent to a mixer and swapped for Bitcoin (BTC), which was also mixed. Finally, BTC was sent from the mixer to centralized Asian exchanges as a likely fiat off-ramp.
