In the cryptocurrency ecosystem, coins have a story, tracked in the unchangeable blockchains underpinning their economy. The only exception, in some sense, is cryptocurrency that’s been freshly generated by its owner’s computational power. So it figures that North Korean hackers have begun adopting a new trick to launder the coins they steal from victims around the world: pay their dirty, stolen coins into services that allow them to mine innocent new ones. Today, cybersecurity firm Mandiant published a report on a prolific North Korean state-sponsored hacking group it’s now calling APT43, sometimes known by the names Kimsuky and Thallium. The group, whose activities suggest its members work in the service of North Korea’s Reconnaissance General Bureau spy agency, has been primarily focused on espionage, hacking think tanks, academics, and private industry from the US to Europe, South Korea, and Japan since at least 2018, mostly with phishing campaigns designed to harvest credentials from victims and plant malware on their machines.
Full analysis : North Korea Is Now Mining Crypto to Launder Its Stolen Loot.