Interesting article about stepped-up use of Bitcoin and other cryptocurrencies (or perhaps more accurately, stepped-up theft of Bitcoin and other cryptocurrencies) by North Korea:
Hackers from Kim Jong Un’s regime are increasing their attacks on cryptocurrency exchanges in South Korea and related sites, according to a new report from security researcher FireEye Inc. They also breached an English-language bitcoin news website and collected bitcoin ransom payments from global victims of the malware WannaCry, according to the researcher.
The MSN article is based on a Fireye report, which likewise makes for fascinating reading, particularly their recent events timeline:
2017 North Korean Activity Against South Korean Cryptocurrency Targets
- April 22 – Four wallets on Yapizon, a South Korean cryptocurrency exchange, are compromised. (It is worth noting that at least some of the tactics, techniques, and procedures were reportedly employed during this compromise were different than those we have observed in following intrusion attempts and as of yet there are no clear indications of North Korean involvement).
- April 26 – The United States announces a strategy of increased economic sanctions against North Korea. Sanctions from the international community could be driving North Korean interest in cryptocurrency, as discussed earlier.
- Early May – Spearphishing against South Korean Exchange #1 begins.
- Late May – South Korean Exchange #2 compromised via spearphish.
- Early June – More suspected North Korean activity targeting unknown victims, believed to be cryptocurrency service providers in South Korea.
- Early July – South Korean Exchange #3 targeted via spear phishing to personal account.