CNN reported on the 9th (local time) that North Korea is stealing a huge amount of foreign currency through cryptocurrency hacking. It also introduced the efforts of the international community to prevent this. Here is a summary of the article.
A team of South Korean National Intelligence Service and US civilian investigators gathered at a building in Pangyo shortly after North Korea fired three missiles in January.
They have been tracking the $100 million that North Korea stole from US cryptocurrency firm Harmony for months, waiting for North Korean hackers to transfer the stolen cryptocurrency to convert it into dollars or yuan.
They succeeded in blocking the North Korean hacker in just a few minutes the moment they tried to transfer. Eventually, the North Korean hacker transferred only a portion of the cryptocurrency pegged to the dollar in late January and abandoned the account. They notified the U.S. law enforcement agencies and seized them.
The amount blocked that day is about $1 million. Experts point out that out of the 100 million dollars stolen by North Korean hackers, North Korea is still holding the rest except for the money that has been blocked, and that efforts to block it should be strengthened.
The tracking of North Korean cryptocurrencies, which is carried out in the form of a trap investigation, is carried out with the participation of experts from various countries.
North Korean hackers have stolen billions of dollars from banks and cryptocurrency companies in recent years. As the tracking becomes more active, North Korea’s response is also becoming more sophisticated.
Blocking North Korea’s cryptocurrency theft is a national security task for the United States and South Korea. The amount of income North Korea steals through hacking for nuclear and missile development or through IT workers dispatched abroad is to the extent that it is included in the daily report to US President Joe Biden.
A joint statement issued at the South Korea-US-Japan policy special envoy meeting held in Seoul on the 7th also pointed out that “North Korea is concerned about information and money theft and laundering activities.”
Since the late 2000s, the United States and its allies have tracked North Korea’s secret exports of weapons and coal and other items subject to sanctions in international waters. This is still going on, but now more efforts are being put into preventing hacking.
In the United States, the departments in charge of tracking North Korean hacking are mainly the Federal Bureau of Investigation (FBI) and the Treasury Department. The FBI announced in January that it had frozen part of $100 million in cryptocurrency stolen by North Korea from Harmony.
North Korea, which the Kim family has ruled through hereditary succession for 70 years, has maintained its existence with money earned by state-owned companies. This is why researcher John Park, who is in charge of the Korea project at the Harvard Kennedy School’s Belfer Center, calls North Korea ‘North Korea, Inc.’.
Researcher John Park emphasized that cryptocurrency hacking is much easier and earns astronomically more than money earned through smuggling of coal in the past.
According to Chainalysis, the total amount of cryptocurrency stolen worldwide last year was $3.8 billion, and nearly half of it, $1.7 billion, was stolen by North Korean hackers. Some countries support foreign currency exchange in North Korea. The US indicted two Chinese nationals for laundering $100 million in 2020.
The National Intelligence Service is establishing an information sharing system with allies and private security companies to track North Korea’s new hacking methods.
North Korea is actively using a mixing service that hides the source of cryptocurrency.
On the 15th of last month, the US Department of Justice and European law enforcement agencies announced that they had shut down a mixing service called Chip Mixer. This is where North Korea is believed to have laundered $700 million in stolen money hacked from large cryptocurrency companies. The $100 million stolen from Harmony was also blocked while attempting to launder here.
Private security firms use blockchain tracking software to block the movement of North Korean stolen cryptocurrencies and quickly seize the money while maintaining close ties with law enforcement.
In August of last year, the US Treasury Department sanctioned Tornado Cash, a large mixing service. This is where North Korean hackers laundered $455 million. Dutch judicial authorities have arrested Tornado Cache’s developer.
In addition, a North Korean hacker was caught sending $24 million to a mixing service called Sinbad last December.
Cybersecurity companies such as Chainalysis are actively recruiting experienced law enforcement officials who know a lot about secret information related to North Korea’s money laundering.
British security company Elliptic also tracked and blocked $1.4 million of the money North Korea stole from Harmony in February. After real-time tracking of movements on cryptocurrency exchanges Huobi and Binance, it was successfully blocked.
“It’s like a big drug deal,” Elliptic co-founder Tom Robinson said. North Korea is prepared to lose some of its money. However, if you trade large and fast, you can save a lot of money,” he said.
North Korea has also attempted to steal cryptocurrencies stolen by other hackers. Last month, a North Korean hacker sent a phishing email to the hacker who stole 200 million dollars from Euler Finance in the UK, but it also failed.
Analyst Nick Carlsen, who was responsible for North Korea at the FBI through 2021, said there are hundreds of North Korean hackers. He feared that while North Korea would attract attention by stealing cryptocurrencies on a large scale, it could also use subtle schemes such as Ponzi schemes.
Source: Donga
Mark Jones is a world traveler and journalist for News Rebeat. With a curious mind and a love of adventure, Mark brings a unique perspective to the latest global events and provides in-depth and thought-provoking coverage of the world at large.