North Korea is denying allegations that it has earned US$2 billion through the hacking of cryptocurrency exchanges and banks.
The country’s government also says that the United States is helping to spread such “ill-hearted rumors.”
Denying the UN report
North Korea, known formally as the Democratic People’s Republic of Korea (DPRK), is objecting to a recent report from the United Nations that says Pyongyang is using “widespread and increasingly sophisticated” hacking attacks in order to fund their weapons of mass destruction (WMD) programs.
“Such a fabrication by the hostile forces is nothing but a sort of a nasty game aimed at tarnishing the image of our Republic and finding justification for sanctions and pressure campaign against the DPRK,” says a spokesperson for the National Coordination Committee of the DPRK for Anti-Money Laundering and Countering the Financing of Terrorism.
The country has faced crippling economic sanctions that were imposed by the UN Security Council back in 2016 in order to choke funding for Pyongyang’s nuclear and ballistic missile programs.
The recent report from the United Nations says cybersecurity experts are investigating at least 35 instances of North Korean operatives attacking cryptocurrency exchanges, financial institutions, and mining activity in 17 different countries in order to gain some much-needed revenue.
The United Nations experts note that the hacking attacks carried out by North Korea allow it “to generate income in ways that are harder to trace and subject to less government oversight and regulation than the traditional banking sector.”
In response to the report, a spokesperson for the U.S. State Department said, “We call upon all responsible states to take action to counter North Korea’s ability to conduct malicious cyber activity, which generates revenue that supports its unlawful WMD and ballistic missile programs.”
Multiple attacks
Many cybersecurity professionals have placed North Korea behind quite a few notable hacks over the last couple of years.
Experts point to APT 38, a highly-skilled and well-funded hacking group, as one of the country’s most effective online aggressors.
It is believed that APT 38, which operates under the control of the Reconnaissance General Bureau, the principal intelligence organization for the DPRK, stole $1 billion in 2018 alone.
The group conducted cyberattacks against banks and cryptocurrency exchanges in Turkey, Bangladesh, Chile, India, Vietnam, Pakistan, South Korea, Taiwan, and the Philippines.
Another hacking group associated with North Korea is Lazarus.
Lazarus is believed to be behind attacks on several South Korean crypto exchanges, such as Bithumb and Youbit (which was eventually forced to declare bankruptcy), as well as stealing 4,500 bitcoins from Nicehash, a cryptocurrency cloud mining platform.
However, the ongoing economic sanctions have not deterred North Korea from continuing their WMD programs.
While U.S. President Trump has met with Kim Jong Un three times, talks between the two countries have stalled.
In late July and early August, North Korea conducted three short-range missile tests after suspending such tests during the negotiations.