North Korea aims its hacking at stealing foreign currency, not espionage

North Korea aims its hacking at stealing foreign currency, not espionage

Cyber-criminals are targeting financial institutions as Pyongyang faces tough nuclear sanctions, the Financial Security Institute (FSI) claims. According to a report by South Korea's Financial Security Institute (FSI), two hacker groups, named Bluenoroff, first detected by Kaspersky Lab and Andariel, believed to be offshoots of Lazarus, have been attacking South Korean and global organisations, Reuters reported. "With the pressure from sanctions and the price growth in cryptocurrencies like bitcoin and Ethereum - these exchanges likely present an attractive target", said Luke McNamara, senior analyst at FireEye, a cybersecurity company as cited by Reuters.

North Korea is isolated, impoverished and desperately short of foreign currency to pay for imports.

Perhaps the most high profile hack linked to North Korea in recent years targeted Sony's entertainment business in 2014 - wiping out massive amounts of data and leading to the online distribution of emails, personal and sensitive employee data as well as pirated copies of new movies.

United States officials are also believed to be building a case linking last year's $81m (£62m) cyber heist at the Bangladesh central bank to North Korean hackers.

The report also found potential links between the North Korean regime and the global attack WannaCry which impacted 150 countries in May.

Russian cybersecurity firm Kaspersky Lab has identified a hacking group called Bluenoroff that it says is to blame for attacks on foreign financial institutions, like those in Poland and Bangladesh.

US FDA announces goal to lower nicotine levels in cigarettes
Health care and lost productivity costs come in at almost $300 billion annually, according to the FDA. In a statement , the regulator said it was aiming to create...

North Korea's state-sponsored hackers are increasingly going after money rather than secrets, according to a report published on Thursday (July 27) by a South Korean government-backed institute.

"Bluenoroff and Andariel share their common root, but they have different targets and motives", according to the FSI report.

The report said the Andariel group had increasingly shifted from destructive attacks on computer networks to crimes like stealing bank-card data and using it to draw cash from bank customers' accounts or selling the data on the black market.

The FSI was launched by the South Korean government in 2015, following attacks on major South Korean banks.

"We believe this subgroup (Andariel) has been active since at least May 2016".

Experts say that the hackers have reportedly targeted, bank accounts, ATMs and online poker, all in efforts to make money as North Korea grapples with worldwide sanctions to disrupt its nuclear weapons program.

Related Articles