Wednesday January 29, 2020
Home Business Report: North...

Report: North Korea Using Cryptocurrency to Fund Weapons of Mass Destruction Programs

North Korea is actually getting a significant amount of money through cryptocurrency and they are getting it outside of the traditional financial system

0
//
cryptocurrency, weapons
FILE - Representations of the Ripple, Bitcoin, Etherum and Litecoin virtual currencies, Feb. 13, 2018. Switzerland's government wants to look into the feasibility of launching its own state-backed cryptocurrency. VOA

North Korea is using cryptocurrency markets to evade global sanctions and is likely using the virtual money to fund its weapons of mass destruction programs, according to a new report from the London-based Royal United Services Institute (RUSI). The report recommends regulators take urgent steps to counter the threat.

Pyongyang is subject to wide-ranging international sanctions following a series of nuclear tests and long-range missile launches on recent years. The reclusive state is seeking ways to raise money and bypass those sanctions — and emerging cryptocurrencies could become a key lifeline for the regime, says report co-author Kayla Izenman.

“North Korea is actually getting a significant amount of money through cryptocurrency. And they are getting it outside of the traditional financial system, which is the one that most people think about when they’re thinking about how a weapons of mass destruction program might be financed,” says Izenman.

Many cryptocurrency exchanges ban North Korean users. Pyongyang is accused of numerous hacking operations get around these measures. In one December 2017 attack on South Korea’s Bithumb exchange, it is claimed North Korea hackers stole Bitcoin and Ethereum virtual currencies then worth $7 million.

While cryptocurrency currently plays a minor role in Pyongyang’s financial activities, RUSI’s Izenman says the reclusive state has the capacity to exploit weaknesses in global regulation.

“It’s a national security threat and will just increase in the time to come. Cryptocurrency, especially if you’re using coins such as ‘Monero’ or ‘Zcash’ that that are privacy coins that aren’t as transparent as ‘Bitcoin’, can be used and traded, and they don’t need to go through the fiat system, they don’t need to touch the dollar, they don’t need to touch a bank.”

cryptocurrency
The report authors warn that southeast Asia’s burgeoning cryptocurrency industry is particularly vulnerable as regulators are struggling to keep up with the technology. Pixabay

The report authors warn that southeast Asia’s burgeoning cryptocurrency industry is particularly vulnerable as regulators are struggling to keep up with the technology.

ALSO READ: Technology Campaigners Want Firms to Connect People in Positive Ways, Fight ‘Human Downgrading’

“Most of the hacks that North Korea has been involved in have been in southeast Asia. And most of their sanctions evasion work has also been in southeast Asia. So we’re hoping to help improve regulation in the region. That being said, given that cryptocurrency is inherently a borderless type of system, it’s imperative that everyone be aware of this,” Izenman adds.

Meanwhile, North Korean leader Kim Jong Un arrived Wednesday in Vladivostok for a summit with his Russian counterpart Vladimir Putin — where the ongoing sanctions against Pyongyang are likely to be high on the agenda. (VOA)

Next Story

North Korea Hackers Target Think Tanks, Activists; Reveals Microsoft

By using forwarding rules, Thallium can continue to see email received by the victim, even after the victim's account password is updated

0
microsoft, xbox
FILE - A sign for Microsoft is seen on a building in Cambridge, Massachusetts, March 18, 2017. VOA

Microsoft has revealed that a North Korea-linked hacker group has stolen the sensitive personal information of government employees, think tanks, university staff members, members of organizations focused on world peace and human rights, as well as individuals who work on nuclear proliferation-related issues.

Microsoft has now gained control of 50 domains that the group uses to conduct its operations, the company said on Monday.

With this action, the sites can no longer be used to execute attacks.

A court case against the hacker group, called Thallium, filed in the US District Court for the Eastern District of Virginia, resulted in a court order enabling Microsoft to take control of the web domains, Microsoft Customer Security and Trust Vice President Tom Burt said in a blog post.

Microsoft’s Digital Crimes Unit (DCU) and the Microsoft Threat Intelligence Center (MSTIC) has been tracking and gathering information on Thallium, monitoring the group’s activities to establish and operate a network of websites, domains and Internet-connected computers.

This network was used to target victims and then compromise their online accounts, infect their computers, compromise the security of their networks and steal sensitive information.

Most targets were based in the US, as well as Japan and South Korea, Burt said.

Like many cybercriminals and threat actors, Thallium typically attempts to trick victims through a technique known as spear phishing.

FILE - Microsoft Corp. signage is shown outside the Microsoft Visitor Center in Redmond, Wash.
FILE – Microsoft Corp. signage is shown outside the Microsoft Visitor Center in Redmond, Wash. VOA

By gathering information about the targeted individuals from social media, public personnel directories from organizations the individual is involved with and other public sources, Thallium is able to craft a personalized spear-phishing email in a way that gives the email credibility to the target.

The link in the email redirects the user to a website requesting the user’s account credentials.

By tricking victims into clicking on the fraudulent links and providing their credentials, Thallium is then able to log into the victim’s account.

Upon successful compromise of a victim account, Thallium can review emails, contact lists, calendar appointments and anything else of interest in the compromised account.

The hackers often also creates a new mail forwarding rule in the victim’s account settings. This mail forwarding rule will forward all new emails received by the victim to Thallium-controlled accounts.

Also Read: Actor Pankaj Tripathi Likes to Put Work Before Vacay Plans

By using forwarding rules, Thallium can continue to see email received by the victim, even after the victim’s account password is updated.

“You can protect yourself from these types of attacks in at least three ways. We recommend, first, that you enable two-factor authentication on all business and personal email accounts,” Burt said.

“Second, learn how to spot phishing schemes and protect yourself from them. Third, enable security alerts about links and files from suspicious websites and carefully check your email forwarding rules for any suspicious activity,” he added. (IANS)