North Korean Hackers Hijack Computers To Mine Cryptocurrencies

North Korean hackers are hijacking computers to mine cryptocurrencies as the regime in Pyongyang widens its hunt for cash under tougher international sanctions. From a report: A hacking unit called Andariel seized a server at a South Korean company in the summer of 2017 and used it to mine about 70 Monero coins -- worth about $25,000 as of Dec. 29 -- according to Kwak Kyoung-ju, who leads a hacking analysis team at the South Korean government-backed Financial Security Institute. The case underscores the increasing appetite from cyber-attackers for digital currencies that are becoming a source of income for the Kim Jong Un regime. North Korea is accelerating its pursuit of cash abroad as the world tightens its stranglehold on its conventional sources of money with sanctions cutting oil supplies and other trade bans.

First post

[kaoshin]

I would have had first post, but my PC was running too slow because my browser was mining cryptocurrency.

So sick of Bitcoin

[MillionthMonkey]

When will this worthless shit crash already? It's a complete failure as a currency. All it's accomplished for the world is to facilitate trafficking in drugs, weapons, and humans, and to reward people who waste electricity. Yes, everyone accepts it as payment. Because it's undergoing a bubble. But no one wants to pay for stuff with it. Because it's undergoing a bubble.

For a currency to be usable, it needs to maintain a stable value. Bitcoin fails miserably at it. Nerds seem to get intrigued by its algorithm

Re:

[Anonymous Cow Ward]

Why is Monero more useful than Bitcoin?

north korea should have to re pay to go olympics

[Joe_Dragon]

north korea should have to re pay it. If they want to go to the olympics!

Re:

[AHuxley]

The code reading of OpenBSD and support for issues reported make OpenBSD one of the best OS.
Other consumer OS brands could do better and follow the understanding of their own code in the way OpenBSD can.

According to some "Kwak"

[Anonymous Coward]

I'll see my way out.

Re:

[FFOMelchior]

Doesn't even have to be a criminal organization -- e.g. UFC which was caught with a browser-embedded miner in November.

misspelled

[Anonymous Coward]

You misspelled Russian.

Re:

[Anonymous Coward]

You misspelled Israeli.

Re:

[halivar]

You misspelled Djibouti. It's the capitol of Djibouti.

Dig deeper

[WillAffleckUW]

Actually, almost all of the ransoms are used by North Korea and Russian hackers to fund various projects.

Follow the digital money trail.

And then short Bitcoin.

Better than ransomeware

[rsilvergun]

I suppose.

Great honeypot

[wardrich86]

Let them waste their resources on Crypto-currencies, then run them all into the ground.

Serious Question

[tacokill]

How does a 3rd world country as backward as NK have elite, top of the line, hacking capability? Last I checked, they had a whole 1024 IP addresses for the whole country. There is no high tech industry there and they don't actually produce any computing or software products. I would be highly surprised if they could make a single ASIC, much less a complex and capable CPU on par with Intel/AMD.

I ask seriously. There are many more technically capable adversaries out there but it's not them who strike successfully yet all of the "bad" hacks I've heard about over the last few years are all being attributed to DPNK

So how do the norks have such a world class hacking capability in the middle of such a technological backwater? How is that even possible?

Re:

[JackieBrown]

How does a 3rd world country as backward as NK have elite, top of the line, hacking capability? Last I checked, they had a whole 1024 IP addresses for the whole country. T

They switched to IPV6 ;)

Re:

[SirGarlon]

TL;DR it is easier to break stuff than to make stuff.

Knowledge is easy to obtain, at least compared to building a microprocessor factory. The hardware you need to hack a remote system is pretty modest: you can run Metasploit on a three-year-old laptop.

I am only speculating but a national scale intelligence service should be able to smuggle in the hardware from China and/or South Korea. As to recruiting the personnel, one thing totalitarian regimes are good at selecting and training talented people. People w

Re: Serious Question

[TuringTest]

Code can be copy-pasted with little knowledge. Also, it's likely that script-kiddies only find the activity profitable in these second world countries to the point of doing it full time; in developed countries you can get better rewards for that level of dedication.

Re:

[SuricouRaven]

Immunity, perhaps. State sponsored hackers don't have to worry about getting caught, so they can be reckless.

Re:

[Zocalo]

Probably the same reason why they can have a nuclear weapons programme; their priorities over where to spend their miniscule GDP are completely and utterly fscked up. They do send a few of their most trusted elites overseas to study, but mostly I suspect it's down to the black market and envelopes stuffed with used notes. Just as there were a lot of Soviet weapons scientists ready to fly to Pyongyang rather than face poverty after the USSR collapsed, there are almost certainly lot of black hats willing to

Re:

[drewsup]

You would be surprised at what can be accomplished with brainwashing and a gun barrel at you/loved ones heads, 99% of NK may be ass backwards, but the 1% that have education are..well, just as smart or smarter than you are, plus they have MOTIVATION, whether that is internal or externally applied doesnt matter.

Re:

[Ed Tice]

I imagine that there are a few things in play here. First, learning hacking is (relatively) cheap. You can setup a system, compromise it, and then re-image with no incremental cost. You should be able to get started just using information freely available on the Internet and some very cheap equipment. Second, opportunistic hacking (to mine cryptocurrencies) is much harder than targeted hacking. Basically you just do reconnaissance until you find something with a known weakness. You don't even really ha

Re:

[Opportunist]

You don't need elite, top of the line hacking abilities. Yes, if you want to break into high security areas where you're facing policies that Put the C of the CIA triad [wikipedia.org] (read the link before you post conspiracy bullshit, please) before the A, then yes, Otherwise you're facing the same problem the average malware jockey faces: If you don't want a specific targets, there's plenty of easy ones.

Take a look at the OWASP Top 10 [owasp.org]. These are the 10 security issues that are considered the most critical and most commo

Re:

[AHuxley]

Re 'How is that even possible?"
Japan, the NSA and GCHQ keep access to the web wide open and fast for their own reasons.
Without the ability to be on the web the CIA code litter does not sell well to the tame waiting media.
"CIA anti-forensics tool that makes Uncle Sam seem fluent in enemy tongues" https://www.theregister.co.uk/... [theregister.co.uk]
"... pretend that the malware was created by a speaker of a range of foreign languages ... Korean .... "
For a good propaganda to work, the big pipe to the internet has to be k

Re:

[AmiMoJo]

The malware they used has code from NSA and CIA cyber weapons that those agencies lost control of. As I recall the NSA leak was from an unsecured staging server.

Re:

[tlhIngan]

How does a 3rd world country as backward as NK have elite, top of the line, hacking capability? Last I checked, they had a whole 1024 IP addresses for the whole country.

They aren't hacking from NK. In fact, they are based in a NK-owned Chilbosan hotel in Shenyang, China [businessinsider.com].

As long as you're good, you're staying in 5 star accommodations.

I think it's less about raising home-grown hackers, and more about attracting top-tier talent from China and Russia.

what cost?

[supernova87a]

So here's the uncomfortable thing about virtual currencies... If there's no bank to authorize transactions or impose sanctions or prevent cash from moving, how do you stop North Korea, or criminals, or terrorists, from using it as a way to get around laws? I feel this will become an increasing problem for these currencies... The only way would be for banks to refuse to put in or withdraw money from accounts related to cryptocurrencies?

Re:

[SuricouRaven]

You can't. That's the point. Part of the purpose of them is to be unregulatable. Criminals don't just mean fraudsters and terrorists - it also means churches in Saudi Arabia, human rights lawyers in China and anti-government media in Russia.

QUESTION: Detecting rogue mining code running?

[Rick Schumann]

Serious question for /. professionals: Other than high CPU usage by your browser, how do you detect a rogue cryptocurrency miner?
Second question: How do you block a rogue cryptocurrency miner from running and/or shut it down?

Propaganda. Yawn.

[Anonymous Coward]

A few years ago it was always Syrian Electronic Army. Now it's always North Korea and Russia. Lol

north koreans hack to mine

[mapkinase]

... who doesn't