产品展示
  • 适用于奥德赛扶手箱专用混动艾力绅中央手扶箱带冰箱22款改装配件
  • 吉利博越博瑞GE帝豪EC7自由舰前门后门汽车音响改装专用同轴喇叭
  • 适用宝马3系车门内拉手F35 F30 316 320 328门把手内侧4系内扶手
  • 300A纯铜汽车电瓶充电器大功率货车叉车充电机6v12v24v智能通用
  • 汽车门中B柱密封条隔音降噪橡胶条卡槽缝隙条防水通用加改装配件
联系方式

邮箱:[email protected]

电话:020-123456789

传真:020-123456789

汽车电瓶

N. Korean hacking group Kimsuky funds Pyongyang's espionage operations through cybercrimes

2024-10-10 15:26:17      点击:492
This <strong></strong>image provided by Mandiant highlights the North Korean hacker group APT43, also known as Kimsuky. Yonhap
This image provided by Mandiant highlights the North Korean hacker group APT43, also known as Kimsuky. Yonhap

A North Korean hacking group known as Kimsuky has hacked cryptocurrency to fund the country's espionage operations related to its nuclear program, Mandiant, Google's cybersecurity unit, said Tuesday.

In a recently published report, Mandiant said it has tracked the state-backed hacker group, classified as APT43, over the past five years and found out that Kimsuky has committed cybercrimes to financially support Pyongyang's nuclear weapons program.

"This is a group that has done some cybercrime particularly targeting cryptocurrency," said Luke McNamara, principal analyst at Mandiant, in an online press conference for South Korean media. "We believe their primary mission is cyber espionage, gathering secrets for the North Korean government, particularly around nuclear policy."

He said APT43 is part of the Reconnaissance General Bureau (RGB) in the North Korean government, along with other secret operations groups like APT38, Temp Hermit and Andariel, which are widely called Lazarus.

Those groups are believed to share malware and hacking codes to carry out their mission to bring in money for the North Korean government to fund the weapons program.

"APT43 carries out a variety of different financially motivated activity, primarily focused on stealing cryptocurrency within this category of activity," he said. "And one of the things they do to try to make that cryptocurrency that they have stolen more difficult to trace by law enforcement is by rolling that into or using that to pay for cloud mining or hash rental services."

They laundered the stolen cyber money through cloud mining services, allowing the country to disrupt the trail of those stolen funds.

He noted that North Korea has used the laundered money to collect information about nuclear weapons by sending spear-phishing emails targeting policymakers or researchers in South Korea and the United States to ask for in-depth analysis of North Korean issues.

"They didn't even send any malware. They simply asked someone who was working on policy matters to provide their strategic analysis of what was going on," he said. "And a lot of targets who had been sent emails like this have freely responded and given responses to APT43, which as we know is North Korea's RGB."

This image provided by Mandiant highlights the North Korean hacker group APT43, also known as Kimsuky. Yonhap
Luke McNamara, principal analyst at Mandiant, is shown in this photo provided by Mandiant. Yonhap

APT43 has also approached global pharmaceutical firms to get information on COVID-19 vaccines and treatment during the pandemic.

"Particularly since 2020, they targeted pharmaceuticals when the pandemic started and when there was a lot of work on vaccine treatments and other treatments for COVID-19," he said.

North Korea's cybercrimes will be more active and versatile from now on as they are playing a crucial role in giving financial support to the North Korean government, which is currently intensifying military provocations amid signs of a looming nuclear test.

"We expect APT43 will continue to be very prolific and very active, carrying out its mission of espionage," he said. "As North Korea continues its weapons program and as North Korea continues its missile tests, we expect APT43 to continue carrying out its operations because this is a key part of what this group is supporting." (Yonhap)


North Korea carrying out construction at Punggye
North Korea fires ballistic missile as US bombers join drills