The Trump administration is accusing three North Korean hacking groups of carrying out attacks targeting critical infrastructure and stealing millions of dollars from banks, cryptocurrency exchanges and more. to enable the country to finance the proletterweapons and missile systems.
All three groups are controlled by North Korea's first intelligence bureau, the Reconnaissance General Bureau, or simply RGB, according to the US Treasury Department. were published the manufacture.
These groups are behind a number of cyber attacks aimed at spying on the country's adversaries as well as generating revenue for nuclear weapons and ballistic missile programs.
Sigal Mandelker Deputy Minister of Finance and Financial Information of the Ministry of Finance said:
The Ministry of Finance is taking action against 3 North Korean hacking groups that are carrying out cyber attacks for the acquisition of illegal weapons and missile programs.
We will continue to impose existing US and UN sanctions against North Korea and work with the international community to improve cyber security.
The most famous of the three hacking groups is the team Lazarus. The name has been given to the group since 2007 and targets military, government and companies in the economy, manufacturing, publishing, media, entertainment and shipping industries.
The FBI linked the Lazarus group to the hack of 2014 on Sony Pictures who destroyed data on thousands of the company's computers and posted annoying emails to company executives in retaliation for the production of a film depicting the assassination of the North Korean leader.
The work of the same team was also WannaCry which had spread to 150 countries and crashed about 300.000 computers. Many hospitals in the UK were hit particularly hard, with more than 19.000 appointments being cancelled. The losses of the country's National Health Service reached 112 million dollars.
But the US is also accusing two subgroups of Lazarus.
The first hacking group from these subgroups is known as Bluenoroff. The group was created as a means to earn revenue after increased global sanctions against the North Korean government. This is the team behind a 2016 hit at a Bangladeshi central bank. The hackers managed to steal a total of $ 851 million, and would have continued unmolested if a typographical error had not prevented one of the illegal transactions, resulting in an alarm. Despite the typographical error of the last transaction, the attackers managed to leave with 81 million dollars.
Bluenoroff has also successfully hacked banks in India, Mexico, Pakistan, the Philippines, South Korea, Taiwan, Turkey, Chile and Vietnam.
Εταιρείες ασφαλείας όπως την Symantec και την FireEye, έχουν καταγράψει το έργο αυτής της υποομάδας του hacking group Lazarus καθώς εκμεταλλεύονταν συστηματικά τις αδυναμίες του δικτύου payments SWIFT που χρησιμοποιούν οι τράπεζες σε όλο τον κόσμο. Το όνομα Bluenoroff δημιουργήθηκε το 2017 από ερευνητές της Kaspersky Lab, οι οποίοι ήταν οι πρώτοι που ανέφεραν ότι η ομάδα ήταν αυτόνομη και υπομονάδα του Lazarus hacking group. Το όνομα της ομάδας βασίστηκε σε ένα εργαλείο που χρησιμοποιούσε και ονομαζόταν “nroff_b.exe”.
The other subgroup of the Lazarus hacking group is known as “Andariel”. It focuses on hacks aimed at foreign, financial businesses services and government services. Security firms first noticed Adariel around 2015 when it hit targets in South Korea. It was discovered by South Korea's Internet and Security Agency, or Kisa.
Trend Micro has publish the following image, which accurately shows the work of North Korean hacking groups:
Friday's announcement also said North Korea's three hacking groups may have stolen $ 571 million in cryptocurrencies from five stock exchanges in Asia from January 2017 to September 2018. News agencies such as Reuters reported that the United believe that the hacking of North Korean groups has brought in $ 2 billion in profits that have been used for weapons of mass destruction programs.
It is unclear how the sanctions announced will affect North Korea, as if the UN estimate of $ 2 billion is correct, it is hard to imagine that Friday's announcement would have any practical effect.
Unless it's another Trump administration propaganda game that has (?) Only bargaining power…