Experts said the involvement of the DPRK attack on the stock exchange of cryptocurrency in South Korea

© RIA Novosti / Alexei Mangalapura in fotosencibilization. Archival photoExperts said the involvement of the DPRK attack on the stock exchange of cryptocurrency in South Korea© RIA Novosti / Alexei Mangalapura the image Bank

International company is Recorded Future working in the field of technological security, came to the conclusion that the new attacks on investors cryptocurrency of South Korea, which occurred in late 2017, is a hacking group associated with the authorities of the DPRK.

«Agents of the North Korean government, especially the Lazarus group, continued attacks on the South Korean stock exchange cryptocurrencies and their participants at the end of 2017 until the new year speech, Kim Jong-UN and subsequent conversations North and South Korea,» — said in the report, presented on the official website Recorded Future.

The document States that the objectives of the group were not only the South Korean stock exchange cryptocurrencies, in particular — exchange Coinlink and society «Friends of the Ministry for foreign Affairs.»

According to the text of the report, the technique, the encoding and the goal make it to say that for hackers it is the North Korean government.

In the analysis of malware the company has detected code Destover. «Destover was involved in a number of operations associated with North Korea against Sony Pictures Entertainment in 2014, Polish banks in January 2017, and the first victim of the virus WannaCry in February 2017,» write the authors of the report.

According to experts, the malware used including Chinese terms «as a diversion».

Previously, the company’s specialists in the field of cyber security AlienVault have identified a malicious program that installed on your computer the application for mining cryptocurrency, and the revenue was redirected to the server in the DPRK.

In mid-December, South Korean intelligence announced that it has received evidence of the possible involvement of the DPRK to stealing personal information of about 30 thousand users of the most popular in the country of the exchange of cryptocurrency Bithumb. Another similar incident occurred on another site — Coinis in September.

Source