benjamin lehman | Unsplash
These days, reports of cryptocurrency thefts carried out by fully organized cyber attackers are common. Over time, these incidents have gained more impact as the attackers' procedures have become much more effective. These are also no longer isolated cases carried out by a single individual or a small group of people; they now involve an association between countries, which is truly concerning.
Looking at statistical data, North Korea has a 61% incidence in cryptocurrency theft attacks. According to Chainalysis, there were an estimated 20 incidents in 2023, resulting in the theft of approximately $660.5 million. The current year has surpassed these figures, with a total of 47 incidents amounting to $1.340 billion, a 102.8% increase in the value stolen.
It is undeniable that there is a serious problem that, if not addressed, could increase its danger and impact even further. In fact, one of the most important factors to consider is cooperation with other countries in terms of technology and theft methods.
According to Luis Lubeck, the project manager of Hacken Services (a blockchain cybersecurity firm), there is close collaboration between North Korea and Russia that allows for the exchange of vital information to carry out these acts.
He emphasizes that this partnership goes beyond just open communication, facilitating the sharing of sophisticated tools to enhance each attack, considering they can share advanced knowledge. This also prevents both nations from competing to claim credit for the incident since it is a single, large partnership.
It seems that what is sought nowadays is an alliance between countries. The result is cyber warfare that is difficult to combat, as cybercrime becomes larger and more sophisticated. It may seem like science fiction, but it is the reality of what is happening. There are various cases where these actors pose as blockchain developers, which enables them to insert vulnerabilities or backdoors into the projects they contribute to.
One example is an attack that allowed the theft of $50 million from Radiant Capital. This case stood out because the attacker, linked to North Korea, pretended to be a former contractor and got an unsuspecting employee to accept files containing a permanent backdoor for macOS. The malware appeared to be a normal PDF file, so it went completely unnoticed by the staff.
Lubeck points out how the methods used by these perpetrators adapt to the evolution of technology, prominently using artificial intelligence. This allows for the creation of fake profiles using techniques that align with the capabilities of "deepfakes," posing a greater challenge when attempting to identify a user, especially in remote contracts.
Perhaps the most serious aspect in terms of scale is that the funding obtained is directed towards purchasing military equipment. According to U.S. officials, the stolen cryptocurrencies have been used in the development of high-power weapons and missiles. This suggests that part of the funding for North Korea's military power comes from cyber piracy.
Lubeck's words seem to make sense. According to him, an effective way to counter these actions is through stricter measures regarding information exchange, primarily via KYC.
Sanctions, on the other hand, do not seem to work, since there are alternative ways to commit these infractions or crimes by evading them completely. Their effectiveness would be limited to isolated cases.
It is also thought that control and tracking of cryptocurrencies is something the international sphere should bear in mind in order to reduce this problem through collaboration.
- Main image edited in Canva.
- I have consulted information at decrypt.co.
- Translated from Spanish to English with Hive Translator.