Hackers based working for the North Korean government have been hacking into computers and servers in order to mine cryptocurrencies, according to Bloomberg.
The North Korean government has long been accused of using illegal activities to raise foreign currency via its ‘Bureau 39’ organisation. In the past it has allegedly forged foreign currencies and produced and distributed illegal narcotics.
However, Bloomberg claims that the hackers are working under a specialist unit, called Andariel. Last summer, it adds, they hacked-in to the server of a South Korean company to mine 70 Monero coins, stealing around around $25,000.
Kwak Kyoung-ju, who works in a hacking analysis team at the South Korea government’s Financial Security Institute, has been tracking the exploits of the group north of the border.
According to Kwak, North Korean state hackers have turned their attention over the past year to digital currencies as a new source of finance.
He told Bloomberg: “Andariel is going after anything that generates cash these days. Dust gathered over time builds a mountain.”
It’s not known whether the hackers have compromised other organisations, but Kwak warned that his analysis of the South Korean company’s server indicated that Andariel took control of it completely “undetected”.
As well as this, the hackers appear to have a preference for the Monero cryptocurrency. This is because it sports specialist privacy features, making it easier to launder stolen Monero than Bitcoin.
The news comes as Yapian, which ran the popular Bitcoin exchange service Youbit, revealed that it is to close down after being breached in December.
As Bloomberg notes, South Korean authorities have been keeping a close eye on North Korea’s online activities and it isn’t the first time that the country has been connected with attacks on cryptocurrency exchanges.
In September, security company FireEye raised alarms by warning that North Korean cyber attackers are increasingly compromising cryptocurrencies such as Bitcoin and Monero.
Lee Dong-geun, chief analyst at Seoul-based Korea Internet Security Center, said: “They are primarily after information for financial ends.”
In 2016, North Korea was also connected with an audacious attempt to steal $951 million from Bangladesh’s central bank, as well as a string of other attempted bank heists targeting their SWIFT international payments systems.