North Korean hackers laundered cryptocurrenciesNorth Korean hacker group APT43 used cloud mining services to launder stolen cryptocurrencies. This data was presented by researchers at cybersecurity company Mandiant.
Cloud mining services own and manage the infrastructure and rent out hashrate to users. According to a report published by security analysts, APT43 used stolen cryptocurrency to pay for such services and received "clean" digital currencies to its own wallets.
Mandiant assured that the hacking group had the backing of politicians and used the funds for the North Korean regime's nuclear purposes. The report stated that cybercrime proceeds were used to fund operations against South Korean and U.S. government organizations, as well as scientists and think tanks.
It became known that in order to get "clean" cryptocurrencies APT43 representatives stole credentials through phishing attacks. The researchers assured that the attackers massively created websites that were copies of legitimate resources - for example, a site masquerading as a cryptocurrency exchange.
In this way, they persuaded unsuspecting users to disclose personal information and provide access to their own wallets.
According to the U.S. Federal Bureau of Investigation (FBI), North Korean hackers increasingly used cryptocurrency in various transactions. One high-profile case was the $100 million Horizon Bridge hack. Authorities around the world, especially in the United States and South Korea, have been actively trying to combat the threat. Researchers noted that the number of cybercrimes related to digital currencies increased seriously in 2022.
