North Korea’s Crypto Hacking Efforts to Intensify in 2023, Warns Seoul
Intelligence chiefs south of the DMZ have warned that North Korea’s crypto hacking campaigns will likely intensify in the year ahead.
Per YTN, the South Korean National Intelligence Service (NIS) has recently established a National Cybersecurity Cooperation Center – along with private security providers. The center will be tasked with responding to North Korean cyber threats.
The center, the NIS said, comprises “nine government agencies and five private IT security companies.”
The NIS claimed that while the North has traditionally targeted South Korean crypto exchanges, it is now shifting its focus to individuals. It will also target the decentralized finance (DeFi) space, the NIS said.
The NIS stated that in 2023, Pyongyang-based attackers would “focus on hacking DeFi services,” as these are in a regulatory “blind spot” in the South.
Seoul has blamed Pyongyang for multiple attacks on South Korea-based crypto exchanges. Seoul says North Korean hackers stole $7 million from Bithumb in February 2017. South Korea also says Pyongyang effectively bankrupted a platform named Youbit, also in 2017, after stealing 17% of its crypto assets.
Seoul has since regulated exchanges. It now only grants operating licenses to exchanges that can prove they have advanced security protocols. Previously, security experts stated that Southern exchanges operated with minimal security levels.
‘Deep Fake’ Attacks Incoming on Crypto Targets from 2023, Says Seoul
The North has denied allegations that it hacks crypto, calling these American and South Korean “fabrications.”
The NIS warned that Pyongyang was developing advanced “deep fake” technology that could allow it to dupe unsuspecting social media and internet users.
International security firms have recently claimed that the North Korean hacking group Lazarus is distributing a virus-infested Mycelium Wallet clone on various Telegram channels.
They have also claimed Lazarus operates a fake crypto exchange named BloxHolder. The latter, experts say, includes pages and content pirated from the HaasOnline trading platform.