+ A

North Korea tried to steal local bitcoin

Sept 28,2017
North Korean hackers targeted at least four local bitcoin exchanges earlier this year to steal digital currency, but failed, South Korea’s cyber police said Wednesday.

No damage has been reported yet. The breaches occurred from July 5 to Aug. 8 by hackers in North Korea, who used a form of attack known as “spear-phishing,” sending emails that appear innocuous but contain malicious software applications, according to police. The hackers sent 10 emails to 25 workers each at four different bitcoin exchanges, disguising themselves as officials from South Korean public institutions such as the police, prosecution, Seoul city government or Financial Security Institute. But none of the recipients opened their emails. If they had, said police, their computers would have been infected with a virus, enabling the hackers to infiltrate the companies’ network systems.

Authorities concluded the attacks were from North Korea because the hackers used the same IP address known to be used by the country in previous attacks. Of the nine fake email addresses the hackers used for the scheme, seven were from the local portal giant Naver, one was from Gmail and the other was from a different foreign website, police said. Four were stolen, while five were newly produced. Among the five email addresses newly made, two had gone through a smartphone authentication procedure. Police later found out the smartphones were hacked.

On Tuesday, Liberty Korea Party Rep. Shim Jae-cheol, a member of the parliamentary Strategy and Finance Committee, said North Korea tried to hack South Korea’s central bank on “multiple occasions” this year as well, but failed. Local defense contractors, on their part, are trying to block any possible attack in the future by separating their internal network systems from external web services, said Moon Sang-gyun, spokesman for the National Defense Ministry.

BY LEE SUNG-EUN [lee.sungeun@joongang.co.kr]