North Korea hacked South Korean crypto exchanges, says reportStaff Writer | January 22, 2018
An American cybersecurity firm has reported that South Korean cryptocurrency exchanges and users lost money in late 2017 as a result of North Korea's state-sponsored hacking.
Currency The malware used to target Coinlink
The report, entitled "North Korea Targeted South Korean Cryptocurrency Users and Exchange in Late 2017 Campaign," says the hacking took place before North Korean leader Kim Jong Un's New Year's speech and subsequent North-South dialogue.
The malware used to target Coinlink, a South Korea-based cryptocurrency exchange, was Destover malware. It is the same type of malware used against Sony Pictures Entertainment in 2014 and the first WannaCry ransomware attack in February 2017.
However, Coinlink has reportedly denied any such attacks from North Korea.
North Korean state-sponsored cyber operations are largely clustered within the Lazarus Group umbrella.
Also known as Hidden Cobra by the U.S. government, Lazarus Group has conducted operations since at least 2009, when they targeted U.S. and South Korean websites. ■