Research Shows - North Korea Hackers Likely Exploit Cloud Mining to Launder Stolen Crypto
North Korean hacking group APT43 is using cloud mining services to launder stolen cryptocurrencies, according to a study by Google-owned cybersecurity firm Mandiant.
Cloud mining services run their own infrastructure and lease hash rate to users. Hash rate is a measure of the computing power used to secure a cryptocurrency. According to a report published on Tuesday, APT43 uses the stolen cryptocurrency to pay for these services and receives cryptocurrency with no criminal history in return.
According to Mandiant, the group is "moderately advanced" and supports the North Korean regime's strategic and nuclear ambitions. According to the report, it uses proceeds from cybercrime to finance its activities against South Korean and US government agencies, scientists and think tanks involved in the geopolitics of the Korean Peninsula.
To obtain cryptocurrency, APT43 steals credentials, often through phishing attacks. This means creating legitimate-looking websites, such as those disguised as cryptocurrency exchanges, to convince unsuspecting users to give up their personal information.
In high-profile digital heists like the $100 million Horizon Bridge heist, North Korean hackers are increasingly incorporating digital currencies into their operations, according to the FBI. Authorities around the world, particularly in the United States and South Korea, are scrambling to combat the threat.
Mandiant was acquired by Google and integrated into its cloud services in September 2022.