North Korea has been accused of hacking server networks to install mining scripts for the Monero cryptocurrency. A new Monero mining hacker group has been seizing control of servers over the past year. It’s now been linked back to North Korea.
Monero is privacy-oriented and easier to conceal than more mainstream alternatives such as Bitcoin and Ethereum. These qualities make it attractive to hacking groups looking to either steal or surreptitiously mine large quantities of cryptocash. Andariel obtained control of the target server without its real owners noticing.
It’s unknown whether Andariel has compromised other organisations. However, South Korean hacking analysis expert Kwak Kyoung-ju told Bloomberg that the unit is sophisticated and looking to broaden its targets. Kyoung-ju said Andariel is “going after anything that generates cash these days,” searching for cryptocurrencies or information which could be used to create money.
Andariel has now been tracked back to North Korea as the country finds itself accused of growing numbers of cyberattacks. After being hit with stricter sanctions and trade bans from the United Nations, the country is looking to alternative forms of income as the pressure on its economy increases. Hijacking foreign servers to mine lucrative digital cash could be one way to survive under the tougher sanctions.
In the past year, North Korea has been blamed by U.S. investigators for the WannaCry ransomware attack. The campaign affected thousands of Windows computers around the world last year and forced several major organisations to suspend their operations. Hackers exploited a vulnerability in unpatched versions of Windows to install the ransomware, forcing PC users to pay in Bitcoin before unlocking the machine.
As Computing notes, North Korea has also been implicated in a string of attempted attacks against the SWIFT international payments network used by major banks. The country is thought to have been involved in an attempt to steal over $950 million from Bangladesh’s central bank back in 2016. The operation was only aborted because the attackers got one word wrong.
This article was curated from Google News. You can read the original article here.