Exclusive 2022 record for crypto theft in North Korea – UN report – Crypto News Aktuell in German

By Michelle Nichols

UNITED NATIONS (Reuters) – North Korea stole more cryptocurrency assets in 2022 than any other year and targeted the networks of foreign aerospace and defense companies, according to a currently confidential United Nations report provided to Reuters on Monday.

“(North Korea) has used increasingly sophisticated cyber techniques to gain access to digital networks involved in cyber finance and to steal information of potential value, including its weapons programs,” independent sanctions monitors told a panel of the UN Security Council.

Observers have previously accused North Korea of ​​using cyberattacks to fund its nuclear and missile programs.

“In 2022, a higher value of cryptocurrency assets was stolen by DPRK actors than in any previous year,” the observers wrote in their report submitted to the 15-member North Korea Sanctions Council Council on Friday, citing information from the UN -Member States and cybersecurity firms.

North Korea has previously denied allegations of hacking or other cyber attacks.

The sanctions monitors said South Korea estimated that hackers with ties to North Korea stole $630 million worth of virtual assets in 2022, while a cybersecurity firm estimated that North Korean cybercrime had stolen more than $1 billion worth of cybercurrencies. dollars.

“The fluctuations in the USD value of the cryptocurrency Recent months have likely impacted these estimates, but both show that 2022 was a record year for virtual asset theft in the DPRK (North Korea),” the UN report said.

A US based Blockchainanalyst firm came to the same conclusion last week.

The UN report noted, “Techniques used by cyber threat actors have become more sophisticated, making tracking stolen funds more difficult.”

The report is due to be released later this month or early next month, diplomats said.

blackmail

The observers said most of the cyberattacks were carried out by groups controlled by North Korea’s main intelligence agency – the Reconnaissance General Bureau. These groups included hacking teams pursued by the cybersecurity industry under the names Kimsuky, Lazarus Group, and Andariel.

“These actors have continued to illegally target victims to generate revenue and solicit information of value to the DPRK, including its weapons programs,” the UN report said.

The sanctions monitors said the groups deployed malware using various methods, including phishing. One of these campaigns was aimed at employees in organizations in different countries.

“Initial contacts with individuals were made through LinkedIn, and once a level of trust was established with the targets, malicious payloads were delivered through continued communication over WhatsApp,” the UN report said.

According to a cybersecurity firm, a North Korea-affiliated group called HOlyGhOst “extorted ransom money from small and medium-sized businesses in several countries by distributing ransomware in a widespread, financially-motivated campaign.”

In 2019, UN sanctions monitors reported that North Korea had generated an estimated $2 billion for its weapons of mass destruction programs over several years with widespread and increasingly sophisticated cyberattacks.

break sanctions

In their latest annual report, the observers also said that Pyongyang has continued to produce nuclear fissile material at its facilities and has launched at least 73 ballistic missiles over the past year, including eight intercontinental ballistic missiles.

The United States has long warned that North Korea is ready to conduct a seventh nuclear test.

The Security Council has long banned North Korea from conducting nuclear tests and launching ballistic missiles. It has been subject to UN sanctions since 2006, which the Security Council has tightened over the years to target Pyongyang’s nuclear and ballistic missile programs.

But North Korea has continued illegal imports of refined petroleum and exports of coal and dodged sanctions, observers said. They also said they had opened an investigation into reports of ammunition exports by North Korea.

The United States has accused Russian mercenary company Wagner Group of receiving weapons from North Korea to bolster Russian forces in Ukraine. North Korea has dismissed the allegation as unfounded, and Wagner’s owner, Yevgeny Prigozhin, has denied getting any weapons from North Korea.

Last May, China and Russia vetoed a US-led push to impose more UN sanctions on North Korea. This included a planned freeze on the assets of the Lazarus hacking group.

The Lazarus Group is accused of being involved in the WannaCry ransomware attacks, international bank and customer account hacking, and Sony Pictures Entertainment cyber attacks in 2014.

The United States is linking North Korean hackers to stealing hundreds of millions of dollars worth of cryptocurrencies linked to the popular online game Axe Infinity are connected, the United States announced in April. Ronin, a blockchain network that allows users to transfer crypto in and out of the game, said nearly $615 million worth of digital cash was stolen in March 2022.

(Reporting by Michelle Nichols; Editing by Don Durfee and Stephen Coates)