The malware discovery comes at a time when North Korea looks for alternative forex income faced with UN-backed international sanctions.
The cryptocurrency craze continues well into the new year, and everyone wants to get in on the action. Security researchers have discovered a software that mines cryptocurrency and then sends the mined coins to a North Korean University. The security researchers based at the security firm Alien Vault said that they discovered the application on the 24th of December. The application uses some affected host computer CPU power to mine Monero. After the coins are mined, the software then sends the coins to the Kim Il Sung University in the North Korean capital, Pyongyang.
North Korea has been hit by sanctions by the UN and the US because of their nuclear proliferation agenda, and as a result, they have been short of foreign currency. The new initiative is probably a plan by the government to rake in some foreign currency of their own. In their release of the findings, the researchers said that the mining of cryptocurrencies could be a lifeline for the tightly squeezed country. It is no surprise then that some universities in the country are looking at mining virtual currencies for income.
Just recently, the Pyongyang University of Science invited some foreign tutors and experts to help lecture on cryptocurrency and the industry. The Installer that the researchers analyzed is believed to be a product of that venture.
However, the researchers also noted that the server they analyzed might have been used to trick people into thinking the money is going to the Asian country. The researchers said that if the developer behind the mechanism was at the university, it could be a foreigner because there are many foreign lecturers students at the university. The researchers noted that it was unclear who it was or whether it was an attack, or maybe the mining operation is legitimate at all.
Many crypto hijacking websites have been seen on the market ever since the industry started blossoming. Crypto-miners are increasing as they try to tap into the lucrative industry of mining coins and selling them. Researchers also showed that the North Korean government tried to attack South Korean based cryptocurrency services heavily last year.
However, the security researchers at Alien Vault said that it was highly unlikely that the new crypto mining attack was in any way linked to the earlier attacks. The earlier attacks were carried by the North Korean government proxy hackers called the Lazarus Group.