North Korea Hacking War on Bitcoin Exchanges Is Part of “Biggest Global Sting”

north korea hacking bitcoin exchange
A visual representation of the digital cryptocurrency bitcoin alongside U.S. dollars, in London, on December 7. The bankruptcy of a bitcoin exchange has been blamed on North Korean hackers, prompting concerns for the cryptocurrency’s future. Dan Kitwood/Getty Images

The bankruptcy of a bitcoin exchange has been blamed on North Korean hackers, prompting concerns for the cryptocurrency’s future.

Around $72 million worth of bitcoins were stolen from the South Korean exchange Youbit in April, before a second more recent cyber heist forced the exchange to shut down on Tuesday.

Cryptocurrency exchanges from neighboring South Korea—which account for 15 to 25 percent of world bitcoin trading—appear to be the main target of the hackers, with the country’s largest exchange platform, Bithumb, hacked in July.

Other Seoul-based bitcoin exchanges, including Yapizon and Coinis, have also been the target of cyber thieves suspected of being from North Korea this year.

Cybersecurity researchers tell Newsweek that the activity is part of a worrying trend relating to hackers from Bluenoroff, a subgroup of the North Korean hacking group Lazarus, famous for the Sony Pictures hack in November 2014.

“The first time I saw them target a bitcoin company was in May this year—the same month they unleashed WannaCry,” says Chris Doman from the cybersecurity firm AlienVault.

“They’ve also used related malware to opportunistically mine Monero coins on compromised servers. Clearly they have a large interest in cryptocurrencies as an easy method for economic gain, as well as an opportunity to economically weaken their enemies.”

north korea hacking war bitcoin A North Korean flag is displayed in a window on a viewing deck of the Namsan Seoul Tower, in Seoul, South Korea, on July 6, 2017. Seoul-based bitcoin exchanges, including Yapizon and Coinis, were the target of cyber thieves suspected of being from North Korea in 2017. ED JONES/AFP/Getty Images

The consequences of these cyber thefts could result in a crackdown from regulators on bitcoin and other cryptocurrencies.

“Bitcoin could be the biggest global sting operation ever,” says Andy Norton, director of threat intelligence at Lastline. “It’s like a black hole attracting bad actors and dirty money from all around the world. If North Korea are using it to avoid sanctions it could lead to a coordinated response by various governments to shut down access to those funds locked in bitcoin.”

Korea Internet and Security Agency (KISA) attributed the first attack on Youbit, which resulted in the loss of 4,000 bitcoins, to hackers based in North Korea.

Related: Was North Korea’s Bureau 121 hacking group behind internet attacks?

This analysis reaffirmed claims by the CWIC Cyber Warfare Research Center in South Korea, which stated earlier this year that the rogue nation may be targeting the virtual currency in response to heavier economic sanctions.

For the spate of attacks not to lead on to a collapse of bitcoin and other cryptocurrencies, security researchers say exchanges need to apply a much greater focus on cybersecurity.

“Trust in cryptocurrency exchanges is absolutely crucial for the wide success of this technology, and unfortunately the situation today is anything but good,” Shlomi Dolev, co-founder of Secret Double Octopus, tells Newsweek.

“Because of the anonymous nature of cryptocurrencies, stealing personal keys represents the perfect crime, leaving absolutely no traces of wrongdoing. We need to see much greater transparency in the adoption of modern authentication techniques throughout this industry.”