Hackers from North Korea are making headlines again, this time for going after the funds of users of South Korean cryptocurrency exchange UpBit.
The hackers allegedly sent a phishing email to UpBit users earlier this week. The email falsely claimed that the exchange needed additional customer information to process a nonexistent sweepstakes’ payout, according to information obtained by security firm East Security, CoinDesk Korea reports.
It’s reported that a file was attached to the email which claimed to contain more information about the payout but would in fact run malicious code when opened.
East Security believes the phishing email originated from the North Korean hacking group called Kim Soo-Ki.
It’s not the first time North Korea, hackers, and cryptocurrency have featured in the same story.
Earlier this year, a UN panel said the country has used hacking to amass $670 million in cryptocurrency to bypass international trade sanctions.
It’s not just the North Korean government using cryptocurrency, though. Political dissidents known as the Cheollima Civil Defense (CCD) were selling “post-liberation blockchain visas” for cryptocurrency to raise funds to overthrow Kim Jong-un.
North Korea is also home to the notorious hacking group known as Lazarus. Last October, the cryptocurrency-hacker syndicate was reported as the most profitable in the world, having stolen $882 million worth of cryptocurrency from online exchanges since 2017.
On this occasion though, researchers do not yet know the extent and damage caused by this phishing attempt. Hopefully, UpBit users had their wits about them and saw through the scam.