
New evidence reportedly puts North Korean hackers behind a list of high-stakes bitcoin heists

Researchers say North Korea-linked hacking group Lazarus used similar malware in several recent large-scale attacks, including last year's WannaCry.

  • North Korean hackers have been linked to recent attacks on a South Korean cryptocurrency exchange.
  • US cyber-security firm Recorded Future analyzed methods used in recent cryptocurrency attacks and noticed a trend.
  • The malware is linked to a North Korea-tied hacking unit called Lazarus.
  • The report comes amid recent allegations that North Korea is mining and hacking cryptocurrencies as a way to deal with crippling economic sanctions.

North Korea's involvement in major hacking offensives appears to be growing.

The country has been linked to a recent attack on South Korean cryptocurrency exchanges, according to cybersecurity experts.

Researchers from the US cybersecurity firm Recorded Future say a new hacking campaign targeting South Korean cryptocurrency exchange Coinlink employed the same malware code used in the 2014 attack on Sony Pictures and last year's global WannaCry attack.


Beginning in late 2017, hackers attempted to collect the passwords and emails of employees at Coinlink, but were unsuccessful.

Recorded Future released a full report on Tuesday comparing the methods used in the recent Coinlink attack with those used in previous cyberattacks. The firm found what it called strong evidence that a cybercrime unit called the Lazarus group was behind the Coinlink attack, as well as several previous large-scale campaigns, based on the type of code the group has used in previous attacks.

According to the report, the Lazarus group operates under a North Korean state-sponsored cyber unit.

The group has been conducting operations since at least 2009, when they launched an attack on US and South Korean websites by infecting them with a virus known as MyDoom, the report said. The group has mainly targeted South Korean, US government, and financial entities, but has also been linked to the major attack on Sony Pictures in 2014.

In recent years, researchers noticed a change in North Korean cyber operations as they began to shift their focus to attacking financial institutions in order to steal money to fund Kim Jong Un's regime, the report said.


In 2017, the group began targeting cryptocurrencies, and their first offensive was aimed at Bithumb, one of the world's largest bitcoin exchanges. Lazarus hackers stole $7 million in the Bithumb heist at the time, according to the report.

The WannaCry attack in 2017,
