Subscribe to our Telegram channel
North Korean hackers are engaged in espionage without government support, but thanks to permission to steal cryptocurrencies
Cybersecurity experts at Mandiant have published detailed information about the North Korean hacker group APT43, which independently finances its activities through cybercrime operations. The group uses the stolen funds to support espionage campaigns against government organizations in South Korea, the United States, Japan, and the European Union.
Mandiant’s experts have been tracking APT43 cybercrime since 2018, but only now have they found evidence that one specific group of attackers is involved in these attacks. Researchers have reported that APT43 hackers, also known as Kimuski, support the interests of the North Korean regime.
According to Mandiant’s report, APT43's cyber espionage campaigns primarily involve gathering strategic intelligence related to North Korea’s geopolitical interests. «APT43 maintains a high pace of activity. The group is actively conducting phishing and credential collection campaigns and demonstrates coordination with other elements of the North Korean cyber ecosystem ,» the researchers concluded.
The ultimate goal of APT43's malicious campaigns is to contribute to North Korea’s weapons program. Hackers are interested in collecting information about international negotiations, sanctions, foreign and domestic policies of different countries.
North Korean hackers have long been active in the cryptosphere, hacking protocols and stealing digital assets. Over the past five years, they have stolen at least $ 1.2 billion. In February, the United Nations (UN) presented a report to the North Korea Sanctions Committee, according to which North Korean hackers stole more cryptocurrencies in 2022 than in any other year.