North Korea has shocked the world with its cyber heist on cryptocurrency. They are saving their economy by carrying out several money heist attempts. The researchers of FireEye have first reported North Korea’s attack on bitcoins.
According to FireEye, they first started attacking the South Korean cryptocurrency exchange in 2016. However, The South Korean exchange agency could not provide support to confirm the case. But there are some definite cases of successful money heists attempted by the North Korean Army.
The First North Korean Money Heist
North Korea performed its first highly dramatic money heist in the year 2016 targeting Japanese 7-Eleven stores. They knew that it is impossible for them to perform the heist. So, they tricked some Japanese youngsters to work for them who were eager about making quick money. They initiated the activity early on Sunday morning when the crowd is lesser. Their people inserted a magnetic strip into a 7-Eleven store’s A.T.M. machine and withdrew cash of a hundred thousand yen (about $900).
They continued with 19 attempts at each A.T.M. machine of a 7-Eleven store. The withdrawal started from 5 A.M. till 8 A.M. targeting different &-Eleven store machines. Each people made almost 3.8 million yen of cash among which the workers will keep 10% and the rest will be handed over to the bosses.
The workers didn’t know who was at the top of the food chain until the Japanese daily broke the news. A withdrawal of more than $16 million was attempted using foreign cards and only from the 7-Eleven convenient stores. Only those stores accepted foreign cards. According to the police, the ringleader of the 7-Eleven operation was not found anywhere in the country. According to the police report, they crossed China and entered North Korea. The heist was by the Korean People’s Army and the operation was called FASTCash.
The Notorious WannaCry Ransomware Attack
The WannaCry ransomware attack was an infamous global epidemic that took place in May 2017. The attack was done via Windows Operating System. The cybercriminals took advantage of the Operating System’s loopholes. However, Windows previously took strong precautions against such attacks by developing a security patch for their personal computers. Yet, the attackers could spread their hacking game through phishing campaigns. The attackers demanded $300-$600 worth of Bitcoins from the users. The security firms like The Kaspersky and Symantec analyzed the codes used for hacking and found profound similarities to the code of the recent Lazarous attack attempted by the North Korean Army.
9c7c7149387a1c79679a87dd1ba755bc @ 0x402560, 0x40F598
ac21c8ad899727137c4b94458d7aa8d8 @ 0x10004ba0, 0x10012AA4#WannaCryptAttribution— Neel Mehta (@neelmehta) May 15, 2017
The Lazarus Group
According to the U.S. Treasury Department Lazarus group has conducted more than $600 million in cryptocurrency theft from a software bridge. Ethereum wallet address fell under U.S. sanctions for helping the group move stolen cryptocurrency from Ronin bridge to Tornado cash. Tornado cash is known for anonymous token transfer. The FBI investigation determined the involvement of the Lazarus Group and APT38 which has an association with the North Korean regime.
North Korean cyber criminals attempted many more cyber crimes and money heists to extract more than $400 million of digital assets only last year.
