U.S. government prosecuted North Korean hackers’ shocking move…Virtual asset market booming for years

Promote malicious apps as safe virtual asset wallets… Operate telegram rooms
English names are used and all activities are conducted in English…There are also suspicions of operation such as Twitter, Instagram, etc.
From 2009 until recently, the financial sector has been heavily damaged by hacking attacks. [Photo: Shutterstock]
It turns out that the hacking group announced by the U.S. government last month has been active in the blockchain and virtual asset industries for several years. [Photo: Shutterstock]

[Digital Today Reporter Kang Jin-gyu] It turns out that North Korean hackers, which the US government has pointed out for extorting virtual assets such as Bitcoin and Ethereum, have been in the block chain and virtual asset industries for many years. They developed virtual asset trading apps, wallets, and operated Twitter and Telegram rooms.

According to sources on the 11th, it was analyzed that North Korean hackers designated by the US government last month were engaged in bold activities in the global blockchain and virtual asset industries for several years.

On February 17 (local time), the US Department of Justice said, “We are prosecuting three North Korean computer programmers who participated in the crime of conducting cyber attacks and extorting more than $1.3 billion of money and virtual assets from financial institutions and companies.”

The U.S. Department of Justice explained that North Korean hackers engaged in virtual asset-related activities from March 2018 to September 2020. Hackers developed and distributed malicious virtual asset apps or hacked virtual asset companies to steal virtual assets worth tens of millions of dollars. The U.S. government claimed that hackers tried to develop virtual asset apps and wallets, as well as blockchain platforms, and coin issuance (ICO).

According to officials, these hackers engaged in active activities, contrary to the perception that they would have been secretly active.

Company A, designated by the US Ministry of Justice, claimed that they developed a virtual asset wallet that is strong in security through its homepage. Company A even asked caution when choosing a virtual asset wallet. The encryption algorithms and contracts applied must be secure. The company claimed that security is important when choosing a virtual asset wallet, and insisted that you should choose its own product. However, according to the U.S. Department of Justice, the virtual asset wallet app is called malware.

Another disguised virtual asset wallet developer, Company B, built a homepage reminiscent of US and European companies. All explanations on the homepage were in English. In a notice, the company urged employees to be cautious of phishing, saying that they never ask for sensitive information such as passwords, 12-word phrases, or private keys. However, company B’s site is registered as a dangerous site in anti-virus software (SW).

A telegram room known to be operated by a North Korean hacker’s camouflage company [Image: Telegram room]

Another camouflage company designated by the US Department of Justice, Company C, is known to operate a Telegram room and manage investors and customers. Telegram room operation is one of the marketing and customer management methods widely used by domestic and foreign blockchain and virtual asset companies.

As a result of the reporter’s entry, it was found that investment information was discussed in the Telegram room of Company C. All conversations and communication took place in English. The operator of the Telegram room at Company C shared information such as the US government’s economic policy or delivered news of its service improvement. The operator expressed a sense of closeness by calling the participants a family. Records remain that this Telegram room was actively operated until last year.

A Twitter account believed to have been run by a North Korean hacker’s camouflage company was also discovered. This Twitter account was following the coin, major figures in the blockchain industry, and business accounts (receive tweets).

This account includes Ethereum’s founder Vitalik Buterin, Tron founder Justin Sun, Binance CEO Changfeng Zhao, Coinbase founder Brian Armstrong, as well as security firm McAfee founder John McAfee’s Twitter account, who raised his voice in the virtual asset field Was also following.

In addition, blockchain-related media such as Coin Telegraph and Forbes Crypto, and exchange accounts such as Bitfinex, Bittrex, Coinbase, and Binance, and major exchange accounts such as Tron, Ripple, IOTA, Ethereum, and Monero. He also followed the Virtual Asset Foundation account.

Experts believe that this activity is intended to identify key information in the virtual asset and blockchain industry. In addition to Twitter, hackers are known to have used Instagram for publicity.

According to officials from the US government, North Korean hackers used Chinese names such as Kwan to disguise themselves as Chinese or Chinese, or acted under foreign names such as Alex, Julian, and Tony. They speak English and Chinese, and disguised themselves as officials in the global blockchain industry.

There have been many cases where North Korean developers and hackers have been active overseas, but there have been no cases where they acted boldly after being disguised as closely as this time. An official in the security industry said, “If you look at the contents of the activity, you can not know at all whether they are hackers or North Koreans.” An IT industry official explained, “If you did not know the details of the prosecution, you would have thought of it as a general blockchain and virtual asset company.”

Experts predict that the activities of North Korean hackers will proceed in such a way that they do not reveal themselves at all.

Author/ Translator: Jamie Kim
Bio: Jamie Kim is a technology journalist. Raised in Hong Kong and always vocal at heart. She aims to share her expertise with the readers at blockreview.net. Kim is a Bitcoin maximalist who believes with unwavering conviction that Bitcoin is the only cryptocurrency – in fact, currency – worth caring about.