UN Investigating North Korea’s Cyberattacks on Crypto Exchanges and Banks

Detailed information about the victims of the alleged North Korean cyberattacks on different nations has been stated in a broader report as published by Associated Press today.

Following last week’s report where North Korea was accused of carrying out cyberattacks on banks and cryptocurrency exchanges in different nations to fund its Weapons of Mass Destruction (WMD) program, the United Nations (UN) has stated that it is currently investigating all 35 cases cited in the earlier report. 

The UN stated that out of the 35 instances where the Democratic People’s Republic of Korea (DPRK) actors have stolen from, South Korea happened to top the list, having suffered ten separate attacks. 

India came second in the list, incurring three attacks while Bangladesh and Chile followed suit with both nations having two cases each.     

Additionally, thirteen countries also suffered one attack each, including Costa Rica, Gambia, Guatemala, Kuwait, Liberia, Malaysia, Malta, Nigeria, Poland, Slovenia, South Africa, Tunisia, and Vietnam.  

According to the report, three “low risk and high yield” methods were used by the DPRK cyber actors to steal funds worth $2 billion from various crypto exchanges and banks.  

Some attacks were conducted via the Society for Worldwide Interbank Financial Telecommunication (SWIFT) system. The DPRK hackers used this method by utilizing banks infrastructures and computers to send fraudulent messages and subsequently deleting the evidence. 

Also, the method of mining cryptocurrency via crypto-jacking was adopted to generate funds for a professional branch of the North Korean military. A malware program is installed onto a mining computer which helps mine cryptocurrencies on the hacker’s behalf.

Lastly, crypto exchanges and users were targeted in different instances. This method can be compared to the attacks top South Korean exchange, Bithumb has suffered in the past. 

An instance was cited in the report where over 5,000 separate transactions were sent to different destinations before eventual conversion, making it difficult to track these funds. 

Last year, Coinfomania reported that hackers stole $30 million worth of cryptocurrency from Bithumb, which forced the exchange to suspend all deposits and withdrawals on its platform.