A member of the South Korean parliament charges that North Korea used a phishing scheme in a massive cryptocurrency theft, according to several published reports.
Kim Byung-kee, a member of South Korea's parliamentary intelligence committee, made the charges on Monday (February 5), and claimed that only did the North Koreans steal cryptocurrency in 2017, but the country is continuing to penetrate South Korean exchanges this year.
In terms of how much was taken, Kim only noted it was in the billions of won -- the country's official currency. One estimate reckons a billion won in cryptocurrency could be worth about $920,000.
"North Korea sent emails that could hack into cryptocurrency exchanges and their customers' private information and stole (cryptocurrency) worth billions of won," said Kim, according to the Reuters report.
The report noted that South Korea's intelligence agency has been trying to stop the current attacks on the country's exchanges.
While details about the scheme were scarce, the Korea Herald reported that North Korean hackers used a series of emails or social media messages to steal customers' passwords and other personal information. North Korea also appears to have used technology from a South Korean company to thwart anti-hacking tools.
By shrouding itself in secrecy, North Korea has made it difficult for others to gauge its hacking and cyber warfare capabilities. Periodic reports from South Korea intelligence offer some information, but it's hard to verify what one country claims about the other.
However, it's believed by security and intelligence experts that North Korea, officially the Democratic People's Republic of Korea or DPRK, has an extensive cyber warfare operation that has committed a series of financial crimes. (See Cybercrime Is North Korea's Biggest Threat.)
Specifically DPRK Office 91, which is also known as the Lazarus Group, is suspected of being behind the WannaCry ransomware attack that was considered one of the largest attacks of 2017. (See Kaspersky Names WannaCry 'Vulnerability of the Year'.)
Earlier this year, McAfee detected a campaign that targeted North Korean dissidents and journalists, and although the report found a North Korean IP address, it's not clear if the group is associated with the country or operating on its own. (See McAfee: Attackers Targeting North Korean Dissidents, Journalists.)
Related posts:
- Countries, Coins & Cloud Will Test Enterprise Security in 2018
- The Hard Work of Pointing Fingers
- Bitcoin Attacks Mount as Criminals & States Seek Targets
- New Insight on WannaCry's Roots
— Scott Ferguson, Editor, Enterprise Cloud News. Follow him on Twitter @sferguson_LR.