The recent surge in the value of Bitcoin has attracted not only regular cryptocurrency investors, but also a number of North korean hackers who are looking to cash in on the surge by hacking into cryptocurrency exchanges.
North Korean hackers are intent on stealing millions of dollars from compromised cryptocurrency exchanges in the wake of crippling economic sanctions imposed by the West.
Security researchers across the globe have witnessed how malicious actors, including Russian and North Korean hackers, have in the recent past conducted successful cyber-attacks on cryptocurrency exchanges across the globe, thereby earning millions of dollars in the process.
Last week, following a miraculous surge in the value of Bitcoin, cryptocurrency marketplace NiceHash's payment servers were compromised, resulting in the loss of Bitcoin wallet value worth millions of dollars. According to CoinDesk, hackers stole as much as many as 4,736.42 Bitcoin from NiceHash customer wallets which was equivalent to more than $62 million at current prices.
Back in July, a hacker managed to steal $7.4 million in cryptocurrency by hacking into CoinDash, a trading platform, during an Initial Coin Offering. The hacker took control of CoinDash's website as soon as the ICO opened and replaced the link where investors could send their funds with a new one. This way, he pocketed the entire money that investors sent to CoinDash before the trader raised an alarm.
According to independent cyber security researcher Ashley Shen who spoke to Sky News, the recent surge in the value of Bitcoin is now working as an incentive for North Korean hackers for whom stealing digital currency is easier than stealing physical currency.
'We assume one of the reasons why Bitcoin is being attacked is because the price keeps increasing and we think it's reasonable for hackers. Digital currency might be easier to gain than physical currency. So I think it's reasonable,' she said.
She added that hacker groups have also shifted their attention of late from mining sensitive data to stealing digital currency. Groups backed by North Korea like Lazarus and Bluenoroff have been targeting banks in Europe and South Korea frequently.
In September, fresh sanctions announced by the United States directly affected as many as eight North Korean banks and 26 bank workers living abroad. Combined with sanctions announced by the United Nations, these efforts were meant to significantly impact North Korea's access to the international banking system.
As a result, a number of banks in Europe and in the rest of the world now fear that that North Korea may seek to cripple their networks and disrupt their operations in the face of U.S. military action against its nuclear weapons programme. A number of cyber experts also believe that North Korean hackers may target banks with new 'wiper' viruses which they previously used to target Sony Corp and South Korean institutions.
'As sanctions bite further and North Korea becomes more desperate for foreign currency, they will get more aggressive and continue to come after the finance sector. They’re after our money,' said Robert Hannigan, who retired in March this year after leading the GCHQ for three years, to The Times.
Speaking at the Reuters Cyber Security Summit in November, Dmitri Alperovitch, chief technology officer at CrowdStrike, said that hackers with links to North Korea have so far stolen hundreds of millions of dollars from global banks and may continue to launch sophisticated attacks on financial targets. 'The difference between theft and destruction is often a few keystrokes,' he warned
'With an army focused on the South, a navy that is limited in reach, and an air force oriented towards defense, North Korea’s main ways to threaten countries beyond its immediate borders are with missiles or with cyber intrusions,' said Kelsey Atherton, a defense technology journalist.