North Korea allegedly has about 6,000 hackers, many of whom operate abroad, according to a recent report published by the U.S. Army. The infamous Lazarus Group, thought to be linked to a number of cryptocurrency exchange hacks, is among them.
North Korea’s Bureau 121
The U.S. Army recently published a document entitled “North Korean Tactics.” The 332-page “Army Training Publication (ATP) 7-100.2,” dated July 24, describes “North Korean tactics for use in Army training, professional education, and leader development.”
A section of the document discusses “computer warfare,” which it says consists of “attacks focusing specifically on computer systems, networks, or nodes.” Examples given are “Unauthorized access (hacking) of information systems for intelligence-collection purposes” and “Insertion of malicious software (viruses, worms, logic bombs, or Trojan horses).”
The document explains that the primary organization in North Korea responsible for computer warfare is Bureau 121, elaborating:
There are over 6,000 members in Bureau 121, many of them operating from other countries, such as Belarus, China, India, Malaysia, and Russia.
According to the U.S. Army document, “North Korean computer hackers have even been able to access secure systems and steal South Korean war plans.” In 2009, North Korea’s Mirim College was graduating approximately 100 cyberspace hackers per year for the Korean People’s Army, the document adds.
There are four groups under Bureau 121: The Andarial Group with about 1,600 members, the Bluenoroff Group with about 1,700 members, the Electronic Warfare Jamming Regiment, and the Lazarus Group, which has been linked to a number of cryptocurrency-related hacks.
The infamous Lazarus Group, with an unknown number of members, is said to be behind some cryptocurrency exchange hacks. In March this year, the U.S. Department of the Treasury’s Office of Foreign Assets Control sanctioned two Chinese nationals linked to the group. They allegedly laundered stolen cryptocurrency worth over $100 million from an exchange. The Treasury explained that the Lazarus Group leveraged malware code from the now-defunct cryptocurrency application Celas Trade Pro, creating illegitimate websites and malicious software to conduct phishing attacks against the cryptocurrency sector. The group also allegedly unleashed the Wannacry ransomware in 2016–2017, causing massive disruptions worldwide.
A U.N. report published last year claims that North Korea had amassed $670 million in cryptocurrencies, including bitcoin, through hacking. There are also reports of North Korea mining cryptocurrency. In February, data suggests the country’s monero (XMR) mining increased 10-fold.
What do you think of North Korea’s army of hackers? Let us know in the comments section below.
Image Credits: Shutterstock, Pixabay, Wiki Commons
Disclaimer: This article is for informational purposes only. It is not a direct offer or solicitation of an offer to buy or sell, or a recommendation or endorsement of any products, services, or companies. Bitcoin.com does not provide investment, tax, legal, or accounting advice. Neither the company nor the author is responsible, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any content, goods or services mentioned in this article.