Image: Cointelegraph

North Korean leader Kim Jong-un is reportedly backing a group of hackers. Their goal? Stealing cryptocurrencies like Bitcoin (BTC) using phishing scams. Sources indicate that the country has ramped up these efforts in an attempt to prevent a financial meltdown amid the Covid-19 crisis, Cointelegraph reported, citing an article in a British tabloid.

The UK Mirror claims that the Lazarus group, a hacking syndicate with alleged ties to the North Korean state, could be launching a cybercrime campaign of advanced persistent threat, or APT, attacks.

Experts from a Seoul-based firm, ESTsecurity, said Lazarus is “increasingly engaging” in cybercrime activities in and out of South Korea. Still, they have also received reports that some attacks are being made internationally in countries like the United States.

Lazarus group is ‘serious threat’

The attacks are mainly aimed at people trading crypto, as the group sends malicious files that impersonate blockchain software development contracts.

Speaking with Cointelegraph, Brett Callow, threat analyst at malware lab, Emsisoft, explained that the group of hackers is also known as “HIDDEN COBRA”. He commented: “The Lazarus Group, or HIDDEN COBRA, undoubtedly represent a serious threat and have been blamed for a number of significant security incidents including the WannaCry attack, the Sony breach, and the 2017 attacks on users of various cryptocurrencies. Some reports have claimed the group is North Korean and may be a state-sponsored actor, but this may or not be correct.”

Callow warns that ascribing ties with the Lazarus Group to the North Korean government is “extremely difficult.”. He points out that even if the claims are well-evidenced, they may “nonetheless be wrong.”

The hacking group, famous for allegedly hacking Sony Pictures over the release of the film The Interview, has been accused of stealing more than $570 million worth of crypto from exchanges.

In a press release on April 27, ESTsecurity warned: “They are also engaging in cyber-espionage operations as well as activities designed to generate foreign currency.”

Asia Times Financial is now live. Linking accurate news, insightful analysis and local knowledge with the ATF China Bond 50 Index, the world's first benchmark cross sector Chinese Bond Indices. Read ATF now.