North Korea’s Hacking Army Targets Billion Dollar Hacks
Former North Korea spy depicts that the country’s leader hauls in cash by any possible means. Cyber hacks, drug deals and even weapons sales to African and Middle East clients. In details, the former hacker chronicled how Pyongyang is the base from which the hackers attack South Korea, and other countries.
In the latest attempts to support Kim Jong-un’s nuclear ambitions, hackers believed to be associated with the North Korean government seem to have found a chink in the networks of an Indonesian bank. The investigators investigating the recent hack believe this was an effort to pull off a mega-heist to fund the regime’s goals.
Hackers suspected of working for North Korea’s military intelligence agency—the Reconnaissance General Bureau (RGB) have successfully hacked numerous financial institutions since 2016. Cybersecurity analysts reported that North Korea’s largest cyber hack involved the networks of Bank Rakyat Indonesia around February 2020.
The hackers pursued the bank’s networks with unique North Korean malware, as indicated in a technical report concerning the breach. It remains unclear whether the North Korean hackers were successful in the cyber heist. However, analytical reviews imply the hackers were likely successful in targeting the bank and making off with the money, according to Adrian Nish, the head of threat intelligence at BAE Systems.
Nish added that this particular malware launched on Bank Rakyat Indonesia was a ‘late-stage tool’. The utilized strategy after the hackers completed reconnaissance on its systems.
The malware aptly called “BEEFEATER” additionally links the campaign to the same malware used by the North Koreans in previous heists- of which they made off with millions of dollars stolen from the Bangladesh Bank.
This previous heist occurred in 2016, in which North Korean hackers successfully broke into a Bangladesh Bank and stole 81 million dollars. As was revealed, they did this by sending fake payment orders through the Society for Worldwide Interbank Financial Telecommunication (SWIFT), a messaging system that makes bank transfers.
According to Vikram Thakur, a technical director at Symantec, the North Koreans now seem to realize it’s incredibly lucrative to target cryptocurrency exchanges. As these are far less regulated, they’re able to reap an insane fortune at any given time.
An anonymous individual familiar with the work of the United Nation’s Panel of Experts on North Korea—tasked with observing North Korean efforts to evade sanctions and cyber-operations—says Kim’s regime now capitalize from carrying out lucrative cyber attacks worldwide.