Hackers from North Korea have developed a new strategy, designed by Pyongyang, to steal cryptocurrencies. The hackers are aiming for individual investors to ease the impact of international sanctions, according to the South China Morning Post (SCMP).

North Korea and Hackers

The hackers have previously targeted institutions and exchanges and are now changing their strategy. Pyongyang is targeting individual investors because they are seeking a new source of income. The reason behind this scheme is, according to analysts, because of sanctions targeting its illegal nuclear weapons programme. Choi adds:

“With the US, the UN and others imposing sanctions on the North Korean economy, North Korea is in a difficult position economically, and cryptography is a good opportunity.”

Kwon Seok-Chul is the CEO of South Korean cybersecurity firm Cuvepia. He said that his company had detected more than 30 cases since April. Situations where they suspected North Korean hackers are attacking people holding cryptocurrency.

Usually, the hackers send their victims an email with a text file. The computer is infected if the individual opens the file. The machine gets infected with malicious code that gives them full control. Choi said the shift towards attacking individuals might be a response to exchanges and financial institutions strengthening security against cyber attacks.

Hackers and cryptocurrencies

Even though some wallets are supposed to be unhackable, like McAffe’s hardware wallet, hacks still occur on a regular basis. Cryptocurrencies have become a lucrative commodity for cyber thieves across the world. According to an investigation made by Reuters, exchanges have lost over $6 billion worth of bitcoin since 2011. North Korea hackers are “famous” for taking hundreds of millions, a story covered by Toshi Times.

Choi said that North Koreas new strategy initially aims for wealthier individuals.

“They believe that if they target CEOs of wealthy firms and heads of organizations, more so than ordinary people, they can take advantage of billions of won in virtual currencies,” he said.

Since North Korean hackers previously targeted exchanges, it is possible, that those attacks created the possibility for the hackers to target individuals. Luke McNamara is an analyst at California-based cybersecurity firm FireEye. He said the hackers behind these attacks could have gotten the information that allowed them to target individual cryptocurrency users.

“It’s possible from previous intrusions they’ve been able to collect information related to the email addresses, usernames of the people using these exchanges,” he said.

Image Source: “Flickr”