North Korea Is Main Suspect in Ruinous Hack of South Korean Bitcoin Exchange

By Rhett Jones on at

World War III is going to be dumb. It only seems fitting that Bitcoin could get thrown into the mix of dumb reasons why it might get started. When South Korean cryptocurrency exchange YouBit was looted by hackers this week it seemed to be inevitable that North Korea would be at fault, and investigators believe that’s exactly what happened.

Early on Tuesday, Youbit posted a message on its website informing customers that it will declare bankruptcy after 17 per cent of its total assets were stolen by hackers. It indicated that customers would be able to withdraw their holdings at 75 per cent of the value. Now, South Korean police and the Korea Internet & Security Agency have to figure out who’s responsible for this mess. According to the Wall Street Journal, the investigators have good reason to believe Kim Jong-un’s regime is the culprit. From the report:

The people said there were telltale signs and historical evidence that North Korea was behind the Youbit attack. North Korean hackers in April targeted the same cryptocurrency exchange, operating under a different name, several of the people said. Yapian, the company that operates Youbit, suspended trading and filed for bankruptcy after Tuesday’s hack.

The bitcoin heist follows similar suspected Pyongyang-directed offensives against other South Korean cryptocurrency exchanges—and an increasing number of attempts to steal from individual investors.

The investigation is still in the early stages and analysis of the malware that was used is expected to take several weeks.

North Korean hackers are gaining a lot of notoriety this week after the US government formally blamed them for carrying out the massive WannaCry ransomware attack that began in May. Experts tend to agree that North Korea’s hacking operations are financially motivated. In September, security researchers at FireEye published an analysis of North Korean operations against South Korea and found at least six major incidents in which it targeted cryptocurrencies. While Bitcoin and other digital currencies offer anonymity that’s very beneficial to North Korea, as it’s under significant international sanctions, the country is open to going after old-fashioned fiat currency as well. FireEye’s report concludes:

Consequently, it should be no surprise that cryptocurrencies, as an emerging asset class, are becoming a target of interest by a regime that operates in many ways like a criminal enterprise. While at present North Korea is somewhat distinctive in both their willingness to engage in financial crime and their possession of cyber espionage capabilities, the uniqueness of this combination will likely not last long-term as rising cyber powers may see similar potential. Cyber criminals may no longer be the only nefarious actors in this space.

South Korea is a ripe target, not only because it’s North Korea’s long-time adversary, but because cryptocurrency is so wildly popular there. According to the market tracker Coinhills, the Korean Won is the third most exchanged currency for Bitcoin in the world. It trails behind the Japanese Yen and the US Dollar.

The Wall Street Journal claims that North Korea has a cyber army comprised of 7,000 hackers, but it’s really difficult to say how anyone could be certain of that number. In addition to being one of the most impenetrable countries in the world for traditional espionage, it’s also one of the most protected nations for cyberespionage. Because it mostly uses a closed intranet and only has limited connection to the world wide web, even the best hackers from the West have a hard time getting in.

In June, a NATO-sponsored think tank issued a statement that a state-sponsored malware attack could be considered an act of war and trigger Article 5 of the North Atlantic Treaty, meaning NATO members could engage in a military response. With reports that North Korea is testing anthrax loads on ICBMs in addition to its nuclear capabilities, and increasingly frequent joint military exercises between the US and South Korea, cryptocurrency’s just another dangerous ingredient in the hunt for a tipping point.


More Cryptocurrency Posts: