Hacking Into Bitcoin Exchanges

in #bitcoin5 years ago (edited)

Beset by international sanctions, the North Korean government has begun hacking into cryptocurrency exchanges to steal bitcoins, researchers say.At least three South Korean bitcoin exchanges have been targeted by North Korean military hackers in 2017, according to a report from the cybersecurity firm FireEye.

Major cryptocurrencies have surged in value in 2017, with the value of a single bitcoin rising from $963 at the beginning of the year to $4,222, and ethereum jumping from $8 to $299. That makes them a ripe target for theft, said Luke McNamara, a FireEye senior analyst.“I see there being two macro drivers of this threat activity,” McNamara told BuzzFeed News. The first is the tightening sanctions on North Korea's economy, he said. “But you also have cryptocurrencies appreciating significantly since the beginning of the year," he added. "So you see cryptocurrency exchanges, particularly in South Korea, becoming a logical target."One exchange believed to be targeted by North Korea is bithumb, South Korea’s largest cryptocurrency company. Bithumb was hacked in February, though it didn’t notice the breach until June, and it was only made public in July. A number of users reported bitcoin and ethereum stolen from their accounts, with one customer claiming more than a million dollars’ worth of digital currency was stolen, according to local news reports.“This is very consistent with what I would expect North Korea to be doing,” said Claire Finkelstein, a national security expert and faculty director at the University of Pennsylvania’s Center for Ethics and the Rule of Law. The fact that cryptocurrencies are decentralized, an appealing feature to enthusiasts who tout that bitcoin and similar technologies aren’t regulated by any outside agency, also makes them appealing to criminals, she said.

“Bitcoin is a high-risk currency because it’s so easily manipulated,” Finkelstein said. “And when you combine the fact that the North Korean government operates substantially like a criminal enterprise, it’s not at all surprising to learn that they’re very interested in cryptocurrencies.”North Korea was first observed stealing money, instead of merely conducting more traditional espionage on financial institutions, in 2016, when, according to many researchers, including the US National Security Agency, it hacked into the Bangladesh Bank, that country’s central bank, and wired away $81 million.That same hacker group, McNamara said, is behind not only other attacks on Asian banks, which have gone unreported and which he declined to name because they are FireEye clients, but also the more recent attacks on South Korean bitcoin exchanges.All those attacks saw the same pattern of hackers targeting employees with spearphishing emails to their personal accounts, reusing passwords to gain access to company networks, then using some variant of a type of custom malware that FireEye has dubbed “PEACHPIT” to create a backdoor into a victim’s networks.Spearphishing emails to employees of cryptocurrency exchanges, McNamara said, focused on bitcoin financial regulations and new tax rules, reflecting the difficulties those companies face in keeping up with frequently changing laws and regulations.“Given a lot of the regulatory concerns in most countries regarding cryptocurrencies, that would be something especially interesting or of interest to someone who works at those exchanges,” McNamara said. “I think they were very clever in the lures they used for these operations.”

If international sanctions helped spur North Korean hacking and theft, that’s unlikely to end soon. On Monday, the United Nations agreed to yet more sanctions against the country.


Congratulations @pitchoo! You have completed the following achievement on the Steem blockchain and have been rewarded with new badge(s) :

You got more than 10 replies. Your next target is to reach 50 replies.

Click here to view your Board
If you no longer want to receive notifications, reply to this comment with the word STOP

Support SteemitBoard's project! Vote for its witness and get one more award!

Hello @pitchoo! This is a friendly reminder that you have 3000 Partiko Points unclaimed in your Partiko account!

Partiko is a fast and beautiful mobile app for Steem, and it’s the most popular Steem mobile app out there! Download Partiko using the link below and login using SteemConnect to claim your 3000 Partiko points! You can easily convert them into Steem token!


Congratulations @pitchoo! You received a personal award!

Happy Birthday! - You are on the Steem blockchain for 2 years!

You can view your badges on your Steem Board and compare to others on the Steem Ranking

Vote for @Steemitboard as a witness to get one more award and increased upvotes!

Congratulations @pitchoo! You received a personal award!

Thank you for the witness votes you made to support your Steem community and for keeping the Steem blockchain decentralized

You can view your badges on your Steem Board and compare to others on the Steem Ranking

Do not miss the last post from @steemitboard:

Use your witness votes and get the Community Badge
Vote for @Steemitboard as a witness to get one more award and increased upvotes!

Coin Marketplace

STEEM 0.20
TRX 0.13
JST 0.029
BTC 67703.52
ETH 3449.65
USDT 1.00
SBD 2.73