North Korean Hackers Who Raided Sony Now Specialize In Crypto

Last Updated on 17 January 2022 by CryptoTips.eu


Jeroen Kok

Jeroen is one of the lead copywriters on Cryptotips.eu and discusses all recent events in the crypto market. This includes news updates, but also price analyses and more. He developed his passion for cryptocurrency during the bull run in 2017. He has learned a lot since then. The combination of cryptocurrency and creative writing is perfect for Jeroen and an excellent way to share his knowledge with a wide audience.

Although it will never be openly admitted, many authoritarian governments have hacking groups that they can send around the world to inflict mayhem. Russia has Fancy Bear; North Korea has the Lazarus Group, which was formerly known as the Guardians of Peace.

Back in November 2014, Sony Pictures Entertainment was about to release a movie called The Interview, featuring Seth Rogen, a comedy about two Americans who assassinate North Korean leader Kim Jong Un. The real Kim Jong Un apparently did not find this funny and instructed his hacker group called the Guardians of Peace to steal huge amounts of information off of Sony’s network. The hackers then leaked the information to journalists, who wrote about embarrassing things Sony employees had said to each other.


The Guardians of Peace (who have since re-formed as the Lazarus Group, and who went on to release the WannaCry virus on the world) have now started to switch their attention to crypto embezzlement. According to a recent report by Chainalysis, the group stole some 400 million dollars' worth of crypto last year in various cyber attacks.

Use of mixers

Although Chainalysis failed to identify all of the hackers’ targets, the report clarified that they were mainly investment firms and centralized exchanges. One such exchange, Liquid, reported unauthorized access to several of the wallets it managed last August.

The hackers used various traps to obtain funds from the wallets of these organizations and ship them to addresses controlled by North Korea. These included phishing lures, code abuse, malware and advanced social engineering techniques. Additionally, the report details that North Korea has dramatically increased its use of mixers to launder stolen cryptocurrencies.

It seems highly likely that many of these cyberattacks were carried out by the Lazarus Group, which the United States believes is now controlled by North Korea’s main intelligence agency.

Last year, the United States accused three North Korean programmers of a massive, multi-year hack in which they hoped to steal $1.3 billion in cash and cryptocurrency. Meanwhile, South Korean media reported late last year that North Korea had already withdrawn cryptocurrencies worth 2 trillion won ($1.7 billion) from exchanges through its hacking attacks, creating a lucrative side-industry for the state-run hacking department.

The reports also indicated that the hackers were apparently keeping these assets instead of immediately selling them for cash. Looks like Kim Jong Un is a HODLer.