A report unveiled by the U.S. Army reveals that North Korea now has more than 6,000 hackers stationed in countries such as Belarus, China, India, Malaysia, Russia, among others.
The operations of four sub divisions are overseen by Bureau 121, the cyber warfare guidance unit of the hermit nation.
The report, named North Korean Tactics, suggests the hackers do not exclusively launch cyberattacks from North Korea itself, as the country lacks the IT infrastructure to deploy the massive campaigns.
Financial crimes division
The “financial crime division” called the Bluenoroff Group has around 1,700 members and is dedicated to crypto crimes “by concentrating on long-term assessment and exploiting enemy network vulnerabilities."
The most famous outfit, the Lazarus Group, has conducted numerous high profile cryptocurrency exchanges hacks and unleashed the WannaCry malware between 2016 and 2017. It was also behind the infamous Sony Pictures hack.
Its mission is to “create social chaos by weaponizing enemy network vulnerabilities and delivering a payload if directed to do so by the regime.” However, the U.S. Army was unable to estimate how many hackers are in the division.
In March, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) sanctioned two Chinese nationals accused of laundering cryptocurrency that was stolen in a 2018 crypto exchange hack linked to the Lazarus Group. OFAC accused Yinyin Tian and Juiadong Li of assisting “a malicious cyber-enabled activity.”
According to the latest reports, the North Korea-based cybercriminals are suspected to be using untraceable privacy coins to convert stolen funds into cash.