In March 2022, a senior software engineer at a gaming company in Singapore got a job offer.
It was good news because things weren't great at their current company, Sky Mavis, makers of the play-to-earn game Axie Infinity. The value of its in-game cryptocurrency had crashed.
The engineer went through the job application process before finally being sent a PDF with the salary details.
He clicked the link, but the job offer was fake.
North Korean hackers now had access to Sky Mavis's private keys — the access codes for the company's cryptocurrency account.
They stole around $600 million in cryptocurrency in one of history's biggest heists — not just of cryptocurrency, but of anything.
As international sanctions have cut into North Korea's ability to import and export things, it's been running lots of plots and schemes to get access to foreign currency.
But it's discovered that nothing compares to stealing cryptocurrency. And last year, stealing cryptocurrency was North Korea's primary form of foreign currency income.
Wannacry: The biggest cyber attack in history
In 2017, North Korea's hackers made one of their first attempts to raise revenue from cybercrime.
They developed a virus called Wannacry that wormed its way through a security flaw in Microsoft Windows in the biggest cyber attack in history.
The list of victims was extremely broad. The attack hit Britain's hospital network, Germany's rail system and scores of companies and government agencies.
The attack wasn't as effective as it could have been, though.
British cybersecurity researcher Marcus Hutchins found that the hackers had inserted a "kill switch" into the code in case they wanted to stop the virus from spreading any further.
So he just, kind of, flicked that switch.
Plus, news got around that even if you paid the ransom, there was no guarantee that your files would be unlocked.
While hundreds of thousands of computers were infected, fewer than 500 ransom payments were made.
The North Korean hackers received about 51 Bitcoin, which, thanks to the outrageous volatility of Bitcoin, could have been worth anywhere between US$100,000 and US$3.5 million, depending on when the hackers sold it.
Either way, it's not a huge amount.
To make real money, North Korea has turned its attention to robbing crypto exchanges and taking millions of dollars at a time.
North Korea hits the big time
Most people trade their crypto using cryptocurrency exchanges that do the same things a bank does.
But as opposed to banks, crypto exchanges are unregulated and often have poor security measures.
While robbing a bank is risky, robbing a crypto exchange, it appears, is just a matter of sending an attractive job offer to a senior employee.
North Korea's hackers have been robbing crypto exchange after crypto exchange.
In 2022, North Korea's hacking gang was responsible for half of all cryptocurrency theft. Their haul was $US1.65 billion.
That's more than three times the amount made globally from ransomware last year.
It's nearly twice as much as they made from all other exports.
Yes — to be clear — last year, stealing cryptocurrency was North Korea's primary form of foreign currency income.
Kim Jong-un celebrated this windfall by doing as many missile launch tests in a single year as he had in the previous decade.
North Korea tested 121 rockets in 15 months.
Now there's speculation Kim is selling some of his weapons to Russia to assist Vladimir Putin's war in Ukraine. Another exciting revenue stream.
At the moment, there's no real plan to stop him. Crypto exchanges are still unregulated, insecure pots of money that he — or anyone else — can raid to pay for nuclear weapons.
These guys are getting out of hand now, What do you guys think?
Source: https://www.abc.net.au/news/2023-11-18/how-north-korea-makes-a-fortune-stealing-crypto/103107824
No comments:
Post a Comment