U.S. Authorities Investigating Cryptocurrency-Related Attacks From North Korea: Report

Omar Faridi

U.S. intelligence authorities have reportedly accused North Korean hackers of orchestrating large-scale cybercrimes involving cryptocurrency hacks, mining and bank theft.

According to the Korea Herald, U.S.-led political and economic sanctions have motivated North Korean actors to carry out various security breaches. These allegedly included a major hack of Sony Pictures Entertainment in 2014, a large-scale bank robbery in Bangladesh in 2016, and the WannaCry ransomware attack in 2017.

North Korean Hackers Charged for Alleged Involvement in Cryptojacking By DOJ

As reported by U.S. broadcasting service Voice of America (VOA), Tonya Ugoretz, the Deputy Assistant Director of the Federal Bureau of Investigation’s (FBI) Cyber Intelligence Unit, recently confirmed that evidence suggests North Korean hackers were behind several security breaches - which reportedly led to the loss of millions of dollars in cryptocurrency.

In September 2018, the U.S. Department of Justice (DOJ) charged a North Korean hacker, named Park Jin-hyok, for allegedly being involved in several different cryptojacking incidents. Elaborating on the potential reasons for these attacks, Ugoretz told VOA:

Sanctions are having an economic impact, so cyber operations are a means to make money, whether it’s through cryptocurrency mining or bank theft.

FBI Making Concerted Effort to Combat Cryptojacking

Meanwhile, Erin Joe, Head of the Cyber Threat Intelligence Integration Center under the Director of the U.S. National Intelligence Agency, noted during a conference that American government agencies were primarily concerned with North Korea’s involvement in launching cryptocurrency-related cyberattacks.

While speaking at the conference, arranged by the U.S.-based think tank the Aspen Institute, Joe revealed:

There is a huge effort in the FBI, and also several other entities across government, looking at ways to stop malicious activity [associated with] cryptocurrency.

Joe, who has more than 22 years of experience investigating criminal operations and national security issues as a Special Agent in the FBI, explained that cryptojacking (hogging the computing resources of unsuspecting users to selfishly mine cryptocurrencies) is “a relatively new thing.”

Cyber Threats Coming from China, Iran, Russia

She added that it “comes with a variety of issues that [authorities] need to learn more about,” so that they can look for ways to prevent malicious entities from exploiting loopholes in computer systems throughout the world.

Other cybersecurity-related topics discussed during the recent conference included conversations around how to use deterrence techniques to prevent online financial crimes. In addition to citing serious concerns regarding crypto-related cyber threats from North Korea, U.S. government agencies are also reportedly investigating similar exploitative activity in regions located in China, Iran, and Russia.

'Big Spender' Bitcoin Wallet Exploit Is an 'Issue With BTC Itself', Says BCH Supporter

Michael LaVere
  • Crypto security firm ZenGo has identified a double-spend exploit dubbed "BigSpender" which affected popular bitcoin wallets.
  • Exploit allows an attacker to cancel a bitcoin transaction without the receiving user knowing. 

A crypto security firm has identified a double-spend exploit targeting popular bitcoin wallet providers. 

According to a report by ZenGo, the security firm has discovered a double and multiple spend wallet exploit for bitcoin dubbed “BigSpender.” The report claims the exploit allows an attacker to cancel a bitcoin transaction but still have it appear in a victim’s vulnerable wallet. 

The report reads, 

The core issue at the heart of the BigSpender vulnerability is that vulnerable wallets are not prepared for the option that a transaction might be canceled and implicitly assume it will get confirmed eventually.

As CryptoGlobe reported, ZenGo found that a user’s balance would be increased following an unconfirmed incoming transaction, without a subsequent decrease in the event of the transaction being double-spent. The firm outlined how an attacker could use the exploit to cancel transactions of sent bitcoin while still receiving goods and services in return. 
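The accounting flaw described above, modeled as an added example (not code from ZenGo or from any of the wallets named): a toy ledger whose class, method names and event sequence are assumptions made for illustration. With conflict handling off, the cancelled payment stays in the displayed balance; with it on, the balance falls back to confirmed funds.

```python
from dataclasses import dataclass, field

@dataclass
class Ledger:
    handle_conflicts: bool                        # False models the flawed accounting
    pending: dict = field(default_factory=dict)   # txid -> (amount, inputs spent)
    confirmed: int = 0                            # satoshis from confirmed payments

    def on_unconfirmed(self, txid, amount, inputs):
        """An unconfirmed transaction paying this wallet was seen."""
        self.pending[txid] = (amount, frozenset(inputs))

    def on_confirmed(self, txid):
        """A pending payment was included in a block."""
        amount, _ = self.pending.pop(txid)
        self.confirmed += amount

    def on_conflict(self, spent_inputs):
        """A different transaction spending these inputs was seen instead."""
        if not self.handle_conflicts:
            return    # flaw: assumes every pending payment eventually confirms
        spent = frozenset(spent_inputs)
        for txid in [t for t, (_, ins) in self.pending.items() if ins & spent]:
            del self.pending[txid]                # the payment was cancelled

    def displayed_balance(self):
        """What the user sees: confirmed funds plus pending incoming payments."""
        return self.confirmed + sum(a for a, _ in self.pending.values())

def replay(handle_conflicts):
    """Constructed events: one payment that confirms, one that is cancelled."""
    w = Ledger(handle_conflicts)
    w.on_unconfirmed("tx_a", 50_000, {"utxo1:0"})
    w.on_confirmed("tx_a")
    w.on_unconfirmed("tx_b", 200_000, {"utxo2:1"})
    w.on_conflict({"utxo2:1"})     # the same input is spent by another transaction
    return w.displayed_balance(), w.confirmed

if __name__ == "__main__":
    print("flawed   (displayed, confirmed):", replay(False))
    print("hardened (displayed, confirmed):", replay(True))
```
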

The security firm tested nine popular cryptocurrency wallets and found BRD, Ledger Live and Edge to be vulnerable to the exploit. All three companies were notified by ZenGo of the threat and subsequently updated their products. However, the firm noted that “millions” of crypto users may have been exposed to the attack prior to the update. 

Bitcoin Cash supporter Hayden Otto told Cointelegraph the exploit is particularly concerning for bitcoin-accepting merchants. 

He said, 

The technique is facilitated by RBF (replace by fee), a so-called ‘feature’ added at the protocol level by the Bitcoin Core developers. The issue exists if you use BTC. Wallet software can only make some trade off, which results in a worse BTC user experience, in order to try to protect BTC users.

Otto claimed the exploit was derived from “an issue with BTC itself” and had little to do with wallet software. 
