
North Korean Hackers Stole Over $1 Billion and Destroyed Computers Around the World, Reports Reveal

As President Donald Trump claims that he and North Korean leader Kim Jong Un “fell in love” over “beautiful letters,” hackers from the rogue regime are working diligently to steal millions of dollars from financial institutions and funnel them back into Kim’s coffers.

New research by the cybersecurity firm FireEye shows that APT38, a North Korean government–linked hacking group, has been targeting financial institutions around the world since 2014 in an attempt to pilfer over $1.1 billion. The group has also conducted widespread espionage and reconnaissance against international financial institutions. These operations often leave the victims’ computer systems completely destroyed.

“The group has compromised more than 16 organizations in at least 11 different countries, sometimes simultaneously, since at least 2014. Since the first observed activity, the group's operations have become increasingly complex and destructive,” reads the report released Wednesday. 

“APT38 executes sophisticated bank heists typically featuring long planning, extended periods of access to compromised victim environments preceding any attempts to steal money, fluency across mixed operating system environments, the use of custom developed tools, and a constant effort to thwart investigations capped with a willingness to completely destroy compromised machines afterwards,” the report continues.

The group generally targets financial institutions and inter-bank financial systems to obtain large sums of money. Banks have been targeted in the U.S., Vietnam, Turkey, Mexico, India, Ecuador, Chile and Bangladesh, among other countries. The group has also targeted financial governing bodies and media organizations that focus on economics. During the height of the bitcoin bubble of 2016, the hackers targeted media outlets that covered cryptocurrency-related stories.

This picture taken on September 21, 2017 and released from North Korea's official Korean Central News Agency (KCNA) on September 22 shows North Korean leader Kim Jong-Un delivering a statement. North Korean hackers have stolen over $1.1 billion from financial institutions around the world. STR/AFP/Getty Images

Meanwhile, a separate report by the Foundation for Defense of Democracies, also released Wednesday, noted that North Korea’s hackers pose a significant risk to national security despite being significantly less skilled than hackers from China or Russia.

“Fifteen or even 10 years ago, when analyzing potential blowback to U.S. sanctions on North Korea or U.S.-South Korean military exercises, there was never a consideration of the Kim regime’s ability to target the U.S. economy,” Samantha Ravich, senior adviser and principal investigator of FDD’s cyber-enabled economic warfare project, said in a statement. “Now, North Korea has one of the most capable and aggressive cyber operations. Facing intense U.S. economic sanctions, Pyongyang may consider using its cyber capabilities to attack the U.S. economy.”

Researchers noted that most of the regime’s focus is on making and stealing money for the North Korean regime, as well as collecting data from foreign governments. According to journalist Bob Woodward’s recent book Fear, the Obama administration tentatively thought about launching offensive cyberattacks against North Korea in retaliation for the rogue regime’s 2014 hack against Sony Pictures, but the administration ultimately nixed the plan so as not to provoke China.

“To launch broader cyber attacks effectively, the National Security Agency would have to go through servers that North Korea had in China. The Chinese would detect such an attack and could conclude it was directed at them, potentially unleashing a cataclysmic cyber war,” the book reads.
