🚨 Get Your Free NFT Certificate Mint by Completing the Web3 Exam! START NOW
Learn to gain real rewards

Learn to gain real rewards

Collect Bits, boost your Degree and gain actual rewards!

New
Video Courses
Video Courses
Deprecated
Scale your career with online video courses. Dive into your learning adventure!
Learn to gain real rewards

Learn to gain real rewards

Collect Bits, boost your Degree and gain actual rewards!

New
Video Courses
Video Courses
Deprecated
Scale your career with online video courses. Dive into your learning adventure!

North Korean Cybercrime Group APT43 Uses Cloud Mining Services to Launder Crypto

North Korean Cybercrime Group APT43 Uses Cloud Mining Services to Launder Crypto

A hacker group linked to the Kim Jong-un regime, APT43, avoids any “forensic trail" of stolen funds by using mining services.

Cybersecurity firm Mandiant has reported that the North Korea-based cybercrime operator Advanced Persistent Threat (APT43) is using “stolen crypto to mine for clean crypto.”

Mandiant, a Google-owned cybersecurity firm, has been tracking the ATP43 for the past five years and has identified the group as an independent identity.

Harmony ONE Explained (Beginner-Friendly Animation)

Did you know?

Want to get smarter & wealthier with crypto?

Subscribe - We publish new crypto explainer videos every week!

Harmony ONE Explained (Beginner-Friendly Animation)

Harmony ONE Explained (Beginner-Friendly Animation) Harmony ONE Explained (Beginner-Friendly Animation)

The group's activities suggest that its members are part of North Korea’s spy agency Reconnaissance General Bureau, whose primary activities include espionage, hacking private industries, think tanks, and academics in South Korea, Japan, the US, and Europe. The group employs phishing tactics to steal the victim’s credentials and install malware on their computer systems.

However, Mandiant discovered that APT43 is also involved in a sideline profit-focused cybercrime, which includes stealing cryptocurrency to raise funds for the North Korean regime or to fund the group’s operations.

APT43 steals and launders enough cryptocurrency to buy operational infrastructure in a manner aligned with North Korea’s juche state ideology of self-reliance, therefore reducing fiscal strain on the central government.

The report reveals that ATP43 pays the stolen digital tokens into a “hashing service” that allows users to rent cloud-based mining services, receiving newly mined cryptocurrencies. These new coins do not have any apparent ties to criminal activity.

This method allows the group to cash out the stolen funds while preventing them from being frozen or seized. A Mandiant Threat intelligence analyst Joe Dobson described the procedure as “breaking the chain,” explaining that it avoids any “forensic trail of evidence” on the blockchain networks.

Mandiant started noticing signs of APT43’s crypto laundering activities in August 2022. Since then, it has identified tens of thousands of dollars worth of cryptocurrency sent to cloud mining providers such as Hashing24 and NiceHash.

The cybersecurity firm identified American Express Cards, PayPal, and “Bitcoin likely derived from previous operations" as the payment methods used for various purchases.

APT43 is also accused of using Android malware to steal the credentials of customers looking for crypto loans in China.

It appears that North Korean hackers are also connected to a recent Euler Finance attack. On March 17th, the hacker behind the Euler Finance attack moved 100 Ether (ETH) to an address previously linked to North Korean hackers.

Gile K., Market Sentiment Analyst
Gile is a Market Sentiment Analyst who understands what public events may form what emotions. Her experience researching Web3 news and public market messages – including cryptocurrency news reports, PRs, and social network streams – is critical to her role in helping lead the Crypto News Editorial Team.
As an intelligent professional in public relations, together with the team, she aims to determine real VS fake news patterns, and bring her findings to anyone searching for unbiased news and events happening in the FinTech markets. Her expertise is uncovering the latest trustworthy & informative Web3 announcements to the masses.
When she's not researching the trustworthiness of mainstream stories, she spends time enjoying her terrace view and taking meticulous care of her outdoor environment.

Loading...
binance
×
Verified

$600 WELCOME BONUS

Earn Huge Exclusive Binance Learners Rewards
Rating