Skip to content

Kim Jong Un-Backed Hackers Behind Years Of Crypto Exploits In Japan, Police 

Kim Jong Un has allegedly resorted to a series of subversive measures aimed at weakening his enemies.

The North Korean dictator has unleashed an unprecedented wave of cyberattacks against businesses, services and websites linked to cryptocurrency, as per Japan’s national police.

What Happened: North Korean hacking group, Lazarus, is the organization behind several years of cryptocurrency-related cyberattacks in Japan, according to a public advisory statement published by the Japanese government on Oct. 14.

Japan’s National Police Agency and Financial Services Agency have issued these warnings to the country’s crypto-asset businesses, asking them to remain vigilant of “phishing” attacks by a hacking group attempting to steal crypto assets.

According to the report, the warning is part of a “public attribution” for the fifth time in history. 

A police officer stands in front of a flight information board at the arrival lobby of Haneda Airport in Tokyo, Japan, on Tuesday, Oct. 11, 2022. (TORU HANAI/BLOOMBERG VIA GETTY IMAGES) 

This comes as popular cryptocurrencies Bitcoin (CRYPTO: BTC) and Ethereum (CRYPTO: ETH) were in the green Sunday evening, as the global cryptocurrency market cap rose 0.5% to $921 billion at 9:25 p.m. EDT.

How It Works: Phishing has been a common method of attack used by North Korean hackers, according to the NPA and FSA. These attacks are orchestrated by impersonating company executives in order to entice employees to click malicious links or attachments. 

The police have asked companies to keep their “private keys in an offline environment” and to “not open email attachments or hyperlinks carelessly.” 

“This cyberattack group sends phishing emails to employees impersonating executives of the target company […] through social networking sites with false accounts, pretending to conduct business transactions. 

The cyber-attack group [then] uses the malware as a foothold to gain access to the victim’s network,” the advisory read.

According to blockchain analysis company Chainalysis, North Korean hackers broke into cryptocurrency exchanges and investment companies seven times last year and stole digital money valued at $395 million. 

People pay their respects before the statues of late North Korean leaders Kim Il Sung and Kim Jong Il at Mansu Hill as North Korea marks it 77th anniversary of the founding of the Workers’ Party of Korea (WPK) in Pyongyang on October 10, 2022. (KIM WON JIN/AFP VIA GETTY IMAGES)

The amount represents an increase of about $100 million over the previous year’s thefts by North Korean hacker groups, bringing their five-year total to $1.5 billion in cryptocurrency alone. This does not include the additional hundreds of millions of dollars that the country is alleged to have stolen from the traditional financial system that have not been tallied.

Despite the fact that Kim’s regime is heavily sanctioned, isolated, and dealing with a deteriorating economy, that hoard of stolen bitcoin is feared to contribute significantly to its Pyongyong’s nuclear program

Given that much of North Korea is offline, there is little chance that it will be attacked itself. 

“For North Korea, it’s a low-cost, low-risk but high-return criminal enterprise,” said Yoo Dong-ryul, a former chief antiterrorism analyst at the South Korean national police agency, while talking to a news reporter. 

“They are unique in that they are trained and deployed and operate under a government program,” Mr. Yoo added.


Produced in association with Benzinga.

(Additional reporting provided by Hamraz Ahmad)

Recommended from our partners