2017 Cryptojacking Incidents

Date:: July 15, 2017

Tags:: Andariel


Details

"Malware designed to mine Monero and send any mined currency to servers located at Kim Il Sung University in Pyongyang was analysed.

Separately, according to another report, the Republic of Korea Financial Security Institute specifically attributed a similar cryptojacking attack on a Republic of Korea company’s computer to Democratic People’s Republic of Korea hackers.

According to the report, the malware is believed to have generated approximately $25,000 worth of Monero for the hackers who deployed the malware. Given the increased anonymity of Monero, it is difficult to determine the total amount of revenue that the Democratic People’s Republic of Korea may be generating from such attacks.

Nevertheless, this cryptojacking incident suggests the increasingly sophisticated use of cryptojacking by the Democratic Republic of Korea and its willingness to use malware to generate cryptocurrency through mining for the benefit of the regime."

A hacking unit called Andariel seized a server at a South Korean company in the summer of 2017 and used it to mine about 70 Monero coins -- worth about $25,000 as of Dec. 29 -- according to Kwak Kyoung-ju, who leads a hacking analysis team at the South Korean government-backed Financial Security Institute.

The case underscores the increasing appetite from cyber-attackers for digital currencies that are becoming a source of income for the Kim Jong Un regime. North Korea is accelerating its pursuit of cash abroad as the world tightens its stranglehold on its conventional sources of money with sanctions cutting oil supplies and other trade bans.

“Andariel is going after anything that generates cash these days,” said Kwak. “Dust gathered over time builds a mountain.”

Attribution