United Nations: North Korea stole more crypto assets in 2022 than in any other year and targeted networks of foreign aerospace and defense companies, according to a currently confidential UN report seen by Reuters on Monday.
“(North Korea) uses increasingly sophisticated cyber techniques to gain access to digital networks involved in cyber finance and to steal information of potential value, including on its weapons programs,” a UN Security Council committee tasked with monitoring independent sanctions People told.
Monitors have previously accused North Korea of using cyberattacks to help fund its nuclear and missile programs.
“A higher value of crypto assets was stolen by DPRK actors in 2022 than in any previous year,” the monitors wrote in their report submitted Friday to the North Korea Sanctions Committee of the 15-member council. firms.
North Korea has previously denied allegations of hacking or other cyberattacks.
Sanctions monitors said South Korea estimated that hackers linked to North Korea could steal $630 million in virtual assets in 2022, while a cybersecurity firm assessed that North Korean cybercrime could cost more than $1 billion. Cyber currencies of Rs.
“Variations in the USD value of cryptocurrency in recent months have influenced these estimates, but both suggest that 2022 could be a record-breaking year for DPRK (North Korea) virtual asset thefts,” the UN report said. Was.”
A US-based blockchain analytics firm came to the same conclusion last week.
The UN report states: “The techniques used by cyberthreat actors have become more sophisticated, thus making it more difficult to track stolen funds.”
Diplomats said the report would be released publicly at the end of this month or early next month.
Read also: Kim Jong Un’s ‘disappearance’ sparks speculation about his health
Extortion
Monitors said most of the cyberattacks were carried out by groups controlled by the Reconnaissance General Bureau – North Korea’s primary intelligence bureau. It said those groups include hacking teams tracked by the cyber security industry under the names Kimusuki, Lazarus Group and Andarial.
“These actors continued to illegally target victims to generate revenue and solicit information of value, including on the DPRK’s weapons programs,” the UN report said.
Sanctions trackers said the groups used malware in a variety of ways, including phishing. One such campaign targets employees in organizations from different countries.
The UN report states, “Initial contacts with individuals were made through LinkedIn, and once a level of trust with targets was established, malicious payloads were delivered through continued communication on WhatsApp.” “
It also said that, according to a cybersecurity firm, a North Korean-linked group known as HOlyGhOst targeted small and medium-sized companies in several countries by distributing ransomware in a “widespread, financially motivated campaign.” Ransomed from.”
In 2019, UN sanctions monitors reported that North Korea had generated an estimated $2 billion over several years for its weapons of mass destruction programs using large-scale and increasingly sophisticated cyber attacks.
sanctions busted
In its latest annual report, the monitors also said Pyongyang continued to produce nuclear fissile material at its facilities and launched at least 73 ballistic missiles last year, including eight intercontinental ballistic missiles.
The US has long been warning that North Korea is ready to conduct a seventh nuclear test.
North Korea has long been banned by the Security Council from conducting nuclear tests and launching ballistic missiles. Since 2006, it has been subject to United Nations sanctions, which the Security Council has strengthened over the years to target Pyongyang’s nuclear and ballistic missile programs.
But North Korea has continued illegal imports of refined petroleum and exports of coal to avoid sanctions, the monitor said. They also said they had begun an investigation into reports of ammunition exports by North Korea.
The United States has accused Russian mercenary company Wagner Group of receiving weapons from North Korea to help reinforce Russian forces in Ukraine. North Korea has dismissed the allegations as baseless and Wagner’s owner, Yevgeny Prigozhin, has denied receiving weapons from North Korea.
Last May, China and Russia vetoed a US-led push for more UN sanctions on North Korea. This included a proposed asset freeze on the Lazarus hacking group.
The Lazarus group has been accused of involvement in the “WannaCry” ransomware attacks, the hacking of international banks and customer accounts, and the 2014 cyberattack on Sony Pictures Entertainment.
The United States has linked North Korean hackers to the theft of hundreds of millions of dollars of cryptocurrency linked to the popular online game Axi Infinity, the United States said in April. Ronin, a blockchain network that lets users transfer crypto in and out of games, said about $615 million in digital cash was stolen as of March 2022. – Reuters
(Reporting by Michelle Nicholls; Editing by Dawn Durfee and Stephen Coates)
Disclaimer: This report is generated automatically from Reuters news service. ThePrint is not responsible for its content.
Read also: North Korea calls for expanded drills, strengthening war-ready posture