Hackers and cybercriminals, who are often responsible for the most vicious hacks, serve as a stark reminder of the critical importance of our digital security. One of the most notorious groups is the North Korean hacker army, which has conducted numerous cyberattacks and is engaged in a global cyberwar. Another group, known as APT43, has come under close scrutiny for allegedly laundering stolen funds into clean bitcoins using a cloud mining service. Recent analyses have shed new light on their activities.
APT43 Is a Hacker Group Working for the North Korean Government
Mandiant, a cybercrime firm that Google recently acquired, has claimed that APT43 is a group of autonomous hackers whom the North Korean government controls. In a 21-page report entitled “APT43: The North Korean Cybercrime Group’s Uses to Fund Spy Operations,” the company examined the potential blockchain activities of these hackers.
The report states that APT43 is considered “moderately sophisticated” but highly productive. The group is believed to be operating under the guidance of the North Korean government and uses the stolen funds to finance operations against their two preferred targets, the United States and South Korea.
APT43’s preferred modus operandi is phishing attacks, which involve creating fake websites that are exact replicas of legitimate cryptocurrency sites. The hackers then use these websites to obtain sensitive information, such as wallet passwords, which they can use to steal funds. Once the funds are stolen, they are laundered to hide their illicit origin.
Cloud Mining Is One of the Most Popular Money Laundering Methods of These Hackers
Hackers can launder stolen cryptocurrencies by using cloud mining, which is an alternative method of cryptocurrency mining to traditional mining. In cloud mining, the investor does not own the mining equipment but instead rents computing power (hashrate) from a mining farm. The hackers can rent mining equipment through a cloud mining service, pay a subscription fee, and receive remuneration for the mining activity without maintaining the equipment themselves. By using this method, hackers can effectively launder their stolen cryptocurrencies by converting them into clean bitcoins or other cryptocurrencies.
To launder funds through cloud mining, hackers can use the stolen cryptocurrency to invest in a cloud mining service or rental service to obtain hashing power. The mining process generates new, “clean” bitcoins or other cryptocurrencies that are not associated with the original stolen funds. The hackers can then transfer the newly mined cryptocurrencies to a different wallet or exchange to further obfuscate the trail of the original stolen funds. The cloud mining or hash rental service provides anonymity to hackers, making it difficult for law enforcement agencies to track down the stolen funds.