North Korea stole cryptocurrencies to fund its halted nuclear weapons and missile programs in 2020, a confidential UN report said. The experts estimated that from 2019 to November 2020 around $316.4 million in cryptocurrencies were stolen by the country. Apparently, financial institutions and exchanges were hacked to generate revenue for Pyongyang’s nuclear and missile development.
North Korea Stole Cryptocurrencies to Support Its Warfare and Economic Plans
Major media agencies reported on a confidential UN document revealing that North Korea had stolen a total of $316.4 million from financial institutions and crypto companies between 2019 and November 2020.
The stolen cryptocurrencies were used to support its warfare and economic plans. This is a clear sign that North Korea continues to try and sidestep international sanctions even during the COVID-19 pandemic.
The report also cited a September 2020 hack against the KuCoin cryptocurrency exchange that stole $281 million worth of cryptocurrency. That figure itself represented half of all cryptocurrencies that were stolen in 2020, according to cryptocurrency tracker firm Chainalysis. The North Korean hacker crew called Lazarus Group has been accused of carrying out a heist on the cryptocurrency exchange.
Cyberattacks Carried Out Using Social Networking Services and Phone Conversations
The UN draft report has been submitted to the Security Council’s North Korea Sanctions Committee reviewing the implementation of the measures on North Korea. The report will be made public after discussion and revisions by Security Council board member nations. The report will have no binding powers. Although, it could be referred to by the Security Council or member nations when imposing new sanctions on North Korea.
North Korean authorities carried out the cyberattacks using social networking services for businesses and approached personnel in companies related to the defense sector. The attackers apparently impersonated human resource officers in the sector. The process involved earning trust through phone conversations and text messages and then sending emails with malware attached to them.