The Korea Herald


NK stole up to $2b by hacking financial networks: report

By Kim So-hyun

Published : Sept. 4, 2020 - 18:08

    • Link copied

(Yonhap) (Yonhap)

North Korea is estimated to have collected up to $2 billion in illegal funds through hacking cryptocurrency exchanges, international financial networks and automated teller machine systems, Voice of America reported on Friday.

Citing documents from US law enforcement agencies and experts, the US government-funded broadcaster said North Korean hackers abuse the incomplete regulatory system of the nascent industry, the anonymity of cryptocurrency, and use methods known as “mixer” and “chain hopping” to make it difficult to identify the routes through which cryptocurrency was traded.

Experts including Kayla Izenman, a research analyst with the UK think tank Royal United Services Institute, said the reason North Korea is using cyberspace to make money is because it is low-risk, high-return, and difficult to find out who is liable.

“I’d say they are really advanced cybercriminal actors in general, more than any other sanctioned countries with the exception of maybe Russia and to some extent China. But they’re using a different approach towards cryptocurrency and towards the financial system and sanctions evasion than any other sanctions country … I would assume North Korea is using cryptocurrency to further the state’s goal,” Izenman was quoted as saying by VOA.

The US State Department, the expert panel under the UN Security Council’s committee on sanctions against North Korea and private sector experts have repeatedly warned of North Korea’s extortion of funds through illegal activities in cyberspace, according to VOA.

“What we’re comfortable saying, at present, is that North Koreans have stolen at least 1.5 billion US dollars in cryptocurrency … So, it’s far greater than other state actors in relation to that. North Korea, I think, has identified hacking the cryptocurrency exchanges as a low-risk, high-reward,” Jesse Spiro, global head of policy at US blockchain analysis company Chainalysis, told VOA.

The US Department of Treasury has said three North Korean state-sponsored hacking groups -- Lazarus, Bluenoroff and Andariel -- could have extorted $571 million in cryptocurrency alone, by attacking five Asian cryptocurrency exchanges between January 2017 and September 2018.

The US law enforcement authorities believe North Korea stole a total of $253 million worth of cryptocurrency over two years since 2018, the largest heist being the $250 million extorted from a South Korean cryptocurrency exchange in 2018.

The US federal prosecutors said last week that North Korean hackers stole $273,000 worth of cryptocurrency in July 2018 and $247,000 in September 2018.

“Cyber has opened up a new opportunity for the North Korean regime to access financial assets directly through financial manipulation of ATM transaction, cryptocurrency as well as actually hard cash attacks against the Bangladesh National Bank,” Richard Harknett, professor at University of Cincinnati and expert in cyber security strategy, told VOA.

“The fact that US Cyber Command was explicit last week about persistent engagement and its disruption of this ATM banking malware, I think, tells you that the US has got a strategy in place to try and start to reduce the opportunity that exists out there.”

By Kim So-hyun (