
North Korean cryptocurrency hacking methods becoming more sophisticated

A report by the MIT Technology Review outlines the growing depth and sophistication with which North Korean hackers are stealing and cashing out cryptocurrency. They continue to use cryptocurrency to evade international economic sanctions imposed by the United States, the UN, and other organizations.


The report estimates that Pyongyang now employs a veritable army of hackers to perform cryptocurrency heists worth upwards of a billion dollars in total against banks and exchanges.

The hackers there have kept the movements of their fraudulently acquired cryptocurrency hidden by using the ‘peel chain’ tactic. In a ‘peel chain,’ users move cryptocurrency, such as Bitcoin, between wallets over hundreds or thousands of transactions to hide the source of the coins, thereby reducing the risk of raising red flags at their desired off-ramp.
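To show how an analyst can follow the peel chain tactic described above, here is an added example (not from the MIT report or from Chainalysis) that walks a constructed ledger hop by hop and flags long chains. It goes beyond the article's description by assuming the commonly described shape of a peel hop, one small "peeled" output plus one large remainder; the 10% threshold, the one-input-per-transaction model, and all addresses and amounts are assumptions made for illustration.

```python
# Constructed sample ledger (not real transactions):
# txid -> (input address, [(output address, BTC amount), ...])
SAMPLE_TXS = {
    "tx1": ("A0", [("A1", 99.0), ("X1", 1.0)]),
    "tx2": ("A1", [("X2", 0.8), ("A2", 98.2)]),
    "tx3": ("A2", [("A3", 97.0), ("X3", 1.2)]),
    "tx4": ("A3", [("A4", 96.1), ("X4", 0.9)]),
    "tx5": ("A4", [("B1", 48.0), ("B2", 48.1)]),  # even split: not a peel
    "tx6": ("C0", [("C1", 5.0)]),                  # unrelated ordinary payment
}

PEEL_RATIO = 0.10  # assumption: smaller output under 10% of the total is a peel


def is_peel(outputs, ratio=PEEL_RATIO):
    """A peel hop has exactly two outputs: a small peel and a large remainder."""
    if len(outputs) != 2:
        return False
    total = sum(v for _, v in outputs)
    return total > 0 and min(v for _, v in outputs) / total < ratio


def trace_peel_chain(start_addr, txs, ratio=PEEL_RATIO):
    """Follow the large remainder from start_addr; return (hop txids, peels)."""
    spends = {inp: (txid, outs) for txid, (inp, outs) in txs.items()}
    hops, peels, addr, seen = [], [], start_addr, set()
    while addr in spends and addr not in seen:  # 'seen' guards against loops
        seen.add(addr)
        txid, outs = spends[addr]
        if not is_peel(outs, ratio):
            break
        (small_addr, small_val), (big_addr, _) = sorted(outs, key=lambda o: o[1])
        hops.append(txid)
        peels.append((small_addr, small_val))
        addr = big_addr
    return hops, peels


def flag_chains(txs, min_hops=3):
    """Report chain-head addresses whose peel chain has at least min_hops hops."""
    receivers = {a for _, outs in txs.values() for a, _ in outs}
    flagged = {}
    for inp, _ in txs.values():
        if inp in receivers:
            continue  # not a chain head: it was funded inside this ledger
        hops, peels = trace_peel_chain(inp, txs)
        if len(hops) >= min_hops:
            total = round(sum(v for _, v in peels), 8)
            flagged[inp] = {"hops": hops, "peeled_total": total}
    return flagged
```

The peeled outputs collected along the way are the addresses an investigator would check against known exchange or OTC deposit addresses.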

Their methods have evolved over time to include chain hopping as well. With chain hopping, cryptocurrency may be posted to a public ledger such as Bitcoin or Ethereum, then converted to a privacy token and converted back to a public ledger so as to mask the true origin of the coins. This tactic is most likely used when the trail is becoming too hot.

Of these methods, Chainalysis head of policy Jesse Spiro says, “It is difficult to determine the actual flow of the coins because of the wide distribution and conversions that are done to mask their origins.”

Impressive Money Laundering

The MIT report featured Christopher Janczewski, a lead case agent at the IRS who specializes in cryptocurrency cases. Janczewski noted that the most impressive aspect of the North Koreans’ ongoing operation is how they are laundering the fiat currency after cashing out the cryptocurrency.

If a potential buyer can determine the source of the stolen cryptocurrency, that buyer will be less likely to purchase coins from North Korea, since they could be implicated in the crime as well. As a result, the hacker army in the hermit kingdom has devised a scheme to unload virtually all of its coins in China at over-the-counter (OTC) trading desks.

OTC trading desks offer simple, low-tech, quick options for traders to unload vast amounts of cryptocurrency at a time or over the course of a series of transactions. In exchange for cryptocurrency, they offer any number of different fiat currencies. Such a method would be attractive to the money laundering operation seen in North Korea.

Encrypted messaging services with self-destructing messages and anonymous wallet addresses further conceal unlawful crypto transactions. Compound that with MIT’s estimate that “the top 100 over-the-counter traders engaging in money laundering receive hundreds of millions of dollars in Bitcoin every month, accounting for around 1% of all Bitcoin activity,” and global law enforcement have their work cut out for them. All is not hopeless, however.

Although some OTC trading hubs may be up to nefarious schemes, not all are. Furthermore, blockchain technology offers the benefit of immutability. Even the popular privacy blockchain Monero may soon be traceable if the IRS can realize their ambitions.

Oojin Mudgett from BCW, a global leader in strategy and management, works closely with digital asset infrastructure. He notes, “Crypto OTC can stay relatively obscure by utilizing encrypted messaging services for deal flow, leaving their trail of bread crumbs on-chain for forensics analysts to scour.”

Soft consequence for hard crimes

Currently, law enforcement officials can merely watch money laundering on a national scale take place between North Korea, China, and others. US law officials already know about the chain hopping and peel chain tactics being used but do not have the authority to stop them. They also acknowledge that although the vast majority of transactions made via blockchain are not illegal, a great deal of them are.

So far, the US government has put sanctions on two Chinese nationals who “materially assisted, sponsored, or provided financial, material, or technological support for, or goods or services to or in support of, a malicious cyber-enabled activity” in connection with North Korean hacking operations. Police pinpointed one group as the perpetrators of hacks committed in March. In August, the North Korean group used the same compromised wallets in conjunction with the Chinese individuals.

North Korean cryptocurrency hacking is not a new topic, either. US officials have known for years about the country's use of cryptocurrency to evade sanctions. Officials can now see a dramatic evolution in its methods, aimed at shaking off law enforcement at many turns.
