For years, North Korea’s Kim dynasty has made money through criminal schemes like drug trafficking and counterfeiting cash. In the last decade, Pyongyang has increasingly turned to cybercrime—using armies of hackers to conduct billion-dollar heists against banks and cryptocurrency exchanges, such as an attack in 2018 that netted $250 million in one fell swoop. The United Nations says these actions bring in vast sums which the regime uses to develop nuclear weapons that can guarantee its long-term survival.
But there is a big difference between hacking a cryptocurrency exchange and actually getting your hands on all the cash. Doing that requires moving the stolen cryptocurrency, laundering it so no one can trace it, and then exchanging it for dollars, euros, or yuan that can buy the weapons, luxuries, and necessities even bitcoins cannot.
“I’d say the laundering is more sophisticated than the hacks themselves,” says Christopher Janczewski, a lead case agent at the IRS who specializes in cryptocurrency cases.
Janczewski sees a lot of action these days. He led investigations into the recent hack that affected verified Twitter users, and into the Bitcoin-funded activities of the darknet’s largest site for images of child sexual abuse. Janczewski was most recently the lead investigator in a case to trace and seize $250 million in cryptocurrency from an unprecedented streak of multimillion-dollar hacks allegedly carried out by the North Korean hacking team known as Lazarus Group.
And, he says, Lazarus’s tactics are continuously evolving.
Washing dirty money clean
Once Lazarus has successfully hacked a target and taken control of the money, the group attempts to cover up its trail to throw off investigators. These tactics typically involve moving coins to different wallets and currencies—for example, switching from ether to Bitcoin.
But the North Korean playbook has evolved in the last few years. One tactic, known as a “peel chain,” moves money in rapid and automated transactions from one Bitcoin wallet to new addresses through hundreds or thousands of transactions in a way that both hides the source of the money and lessens the risk of setting off red flags. Another approach, called “chain hopping,” moves the money through different cryptocurrencies and blockchains to get it away from Bitcoin—where every transaction is posted to a public ledger—and into other, more private currencies. The idea is to make the trail go cold or, better yet, raise false alarms for investigators.
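The peel chain described above, seen from the tracing side, as an added example that is not part of the original article: a Python heuristic that follows the large remainder output hop by hop and collects the small peeled-off outputs for review. It assumes the common form of the pattern (one input, two outputs, a small peel and a large remainder); the transactions, addresses, and the 20% and 10-hop thresholds are constructed for illustration, and fees are ignored.

```python
def make_chain(start_value, peel, hops):
    """Build a constructed peel chain; values in satoshis, all names made up."""
    txs, src, value = [], "addr_0", start_value
    for i in range(hops):
        change = f"addr_{i + 1}"  # fresh address receiving the remainder
        txs.append({"txid": f"tx_{i}", "inputs": [src],
                    "outputs": [(f"peel_{i}", peel), (change, value - peel)]})
        src, value = change, value - peel
    return txs

# Constructed sample: a 30-hop peel chain plus one ordinary 50/50 payment.
SAMPLE = make_chain(100_000_000, 1_000_000, 30) + [
    {"txid": "tx_pay", "inputs": ["addr_x"],
     "outputs": [("shop_a", 5_000), ("shop_b", 5_000)]}]

def follow_peel_chain(txs, start_addr, max_peel_ratio=0.2):
    """Return (peels, last_addr): the small outputs split off at each hop
    and the address where the trail stops matching the pattern."""
    spends = {}  # address -> single-input transactions that spend from it
    for tx in txs:
        if len(tx["inputs"]) == 1:
            spends.setdefault(tx["inputs"][0], []).append(tx)
    peels, addr, seen = [], start_addr, set()
    while addr not in seen:  # the seen set guards against address loops
        seen.add(addr)
        candidates = spends.get(addr, [])
        # Stop if the address is unspent, reused, or the tx is not 1-in/2-out.
        if len(candidates) != 1 or len(candidates[0]["outputs"]) != 2:
            break
        tx = candidates[0]
        (small_addr, small), (big_addr, big) = sorted(
            tx["outputs"], key=lambda o: o[1])
        if small > max_peel_ratio * (small + big):
            break  # outputs too balanced: an ordinary payment, not a peel
        peels.append((tx["txid"], small_addr, small))
        addr = big_addr  # keep following the remainder
    return peels, addr

def looks_like_peel_chain(txs, start_addr, min_hops=10):
    """Flag a trail only when the pattern repeats for at least min_hops."""
    peels, _ = follow_peel_chain(txs, start_addr)
    return len(peels) >= min_hops

if __name__ == "__main__":
    peels, end = follow_peel_chain(SAMPLE, "addr_0")
    print(len(peels), "hops, remainder now at", end)
```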
The Lazarus laundering operation, says Janczewski, involves creating and maintaining hundreds of false accounts and identities, a consistent level of sophistication and effort that underlines just how important the operation is for Pyongyang. It’s extremely difficult to name a precise amount, but experts have estimated that North Korea relies on criminal activity for up to 15% of its income, with a significant portion of that driven by cyberattacks.
A quiet arms race
Stealing cryptocurrency is far from the perfect crime, however. Police and regulators were once almost clueless, but they now have years of cryptocurrency investigation experience under their belts. In addition, they are gaining increasing levels of cooperation from exchanges, which face government pressure and want greater legitimacy. Investigators have moved from being perpetually on the back foot to being more proactive, with the result that many exchanges have responded with new rules and controls that simply did not exist before. Blockchain surveillance tools are powerful and increasingly widespread, proving that cryptocurrency is not as anonymous as popular myth might have it. It turns out the state still has plenty of power even in this cypherpunk world.