At 10:36 sharp, Andrew Anastasiou, a British fintech entrepreneur, realized he had been robbed of nearly £80,000 sterling in cryptocurrency. .
«My heart sank when I opened the story and saw that my account had been emptied,» he told The Telegraph.
A British businessman was one of thousands of victims in this week, an £80m theft was directed against Atomic Wallet, an Estonian company that provides users with digital accounts to store cryptocurrencies.
Elliptic, the British cybersecurity firm that exposed the attack, blamed the heist on Lazarus, a notorious group of North Korean hackers who are believed to have stolen over $2bn (£1.56bn) worth of digital assets in previous thefts. , including a cyberattack on the National Health Service in 2017.
Senior officials monitoring the group's illicit activities say Lazarus is a key component of North Korea's increasingly sophisticated global cybercrime operation, using hacks, cryptocurrency heists and even a network of freelancers doing mundane IT jobs to evade sanctions and raise funds. for Pyongyang's nuclear weapons program. .
From his office at the South Korean Foreign Ministry in downtown Seoul, Lee Jung Il, director general of North Korea's nuclear affairs bureau, leads a joint task force with the United States that monitors and counters North Korea's nuclear threats. cyber threat.
In a rare interview, Mr. Lee said that Pyongyang has “found a new frontier in cyberspace” and is trying to exploit the lack of regulation and safeguards for cryptocurrencies.
«We believe that cyber-looting and overseas IT professionals are now North Korea's biggest source of income,» he said.
He added that it was «alarming» that these «malicious cyber actors» were linked to the Northern military industry, the Department of Defense and the Main Intelligence Directorate — the intelligence agency behind the Northern covert activities — all of which have been sanctioned for weapons development, he added.
«We estimate that a significant portion of the money they make from these [cyber] activities goes to their weapons program.»
The UK, as a global financial center, «may also be a very good target for North Korea.» ,» Li warned.
Unprecedented surge in tests
It's impossible to pinpoint just how lucrative cybercrime is. for an authoritarian regime.
According to Elliptic, over 5,000 crypto accounts are believed to have been affected by the Atomic Wallet attack, with at least ten users losing over $1 million and over 160 others losing over $100,000.
According to South Korea's National Intelligence Service estimates that North Korea has stolen $1.2 billion in cryptocurrencies since 2017, with about $626 million stolen in 2022 alone. U.S. estimates are higher.
Digital heists have netted more than $3 billion in North Korea over the past five years, the Wall Street Journal reported this week, citing analytics firm Chainanalysis.
The money is being used to fund about 50 percent of North Korea's ballistic missile program, according to US officials who previously thought it accounted for one-third.
The rise coincides with a sharp and unprecedented spike in weapons testing, including number of intercontinental ballistic missiles, over the past year.
U.S. officials say clandestine North Korean IT teams posing as East Asian, Eastern European, or American remote workers with false identities collectively earn more than $3 million a year for the regime.
Illegal workers are hard to spot, mostly from Russia and China, and receive freelance contracts to develop software and mobile apps. They have been known to hire «front men» as actors to help them get through job interviews, and when they get hired, they sometimes modify products so they can be hacked.
Collateral Damage
G- Mr. Lee and his team have compiled a list of red flags to help companies identify North Korean cybercriminal experts.
He warned that if North Korea reopens its borders after the pandemic, there could be an exodus of such cybercriminal groups.
“Where there is a vulnerability, they use it. That's why we're doing outreach around the world to raise awareness of the threats,” he said.
But as the North Koreans improve their methods, more and more innocent bystanders become collateral damage.
Another Atomic wallet robbery victim, who did not wish to be named, said she used the account to get her paycheck and, like Mr. Anastasiou, was unable to return the funds.
“That was all the money I had when I left Russia to start a new life,” she said. «Now it will be a thousand times harder.»
Mr. Anastasiou suspects the hack could have been caused by malicious code, but is skeptical of the idea of a North Korean conspiracy, but he and other victims believe the company has not done enough to help.
Atomic Wallet said it is «committed to helping as many victims of the recent exploit as possible» and has hired a lead cryptocurrency incident investigator «to track stolen funds and liaise with exchanges and authorities.» The Telegraph contacted Atomic Wallet for further comment.
Свежие комментарии