North Korea Again Steals $1.5 Billion in Cryptocurrency
On February 21, the cryptocurrency exchange Bybit fell victim to a $1.5 billion hacking incident, once again placing the North Korean hacking organization Lazarus Group in the spotlight.
In recent years, this organization has repeatedly succeeded, from the theft at KuCoin exchange to the hack of the Ronin cross-chain bridge, and even the personal wallet of the founder of Defiance Capital; the mastermind behind these attacks is this mysterious hacking group.
You may wonder how North Korea, as one of the most closed-off countries in the world, has cultivated such remarkable strength in the digital battlefield.
In traditional military domains, North Korea finds it difficult to compete with the U.S.-South Korea alliance, but cyber warfare provides them with a strategic leverage of “using a little force to achieve a great effect.”
Since the 1980s, the North Korean government has devoted significant effort to hacker training, internally code-named “Secret War.”
Jang Se-yul, a North Korean defector who escaped to South Korea in 2007, previously attended Mirim University, North Korea’s top engineering school (now renamed University of Automation). During his time at university, Jang took courses offered by Bureau 121, the elite espionage agency under the North Korean government. It was during this time that he first engaged with top hackers from Bureau 121.
In an interview with Business Insider, Jang Se-yul stated that the threat posed by North Korea’s cyber warfare is more immediate and dangerous compared to its nuclear threats. He said, “This is a silent war. The battle has already begun without a shot fired.”
The question is, how can such a poor, resource-deprived country invest heavily in cyber warfare?
Jang Se-yul’s response is that it is very cheap to train a hacker.
Generally, North Korea is divided into three main classes: the basic masses (core class), complex masses (ordinary middle class), and hostile class remnants (descendants of landowners and wealthy farmers, etc.), further subdivided into 56 ranks. These classifications are recorded in the resident registry and are used during the cadre recruitment process.
Ahn Chan-il, chairman of the World North Korea Research Center, stated that in the past, North Korean hackers were also judged based on their background, as any decline in their loyalty to the party could pose a threat to the regime.
However, after the international community imposed comprehensive sanctions on North Korea, blocking its avenues for earning foreign currency, the country could only resort to illegal means through cyber attacks to earn foreign currency.
This has opened up a special pathway for cyber warfare talent, allowing for a more flexible recruitment process.
Jang’s alma mater, the University of Automation, is the core training base for North Korean hackers. He stated, “Each class only admits 100 students, but there are as many as 5,000 applicants.”
This can be seen as a PLUS version of university entrance exams. Once accepted, a hacker can become part of the top 1% in North Korea, but the process is also extremely arduous.
These young hackers undergo nearly nine years of rigorous training before being deployed, with the youngest starting their training at just 17 years old.
While at school, they attend six classes each day, each lasting 90 minutes, learning various programming languages and operating systems. They spend a significant amount of time analyzing programs like Microsoft Windows, studying how to breach the computer information systems of hostile countries such as the U.S. and South Korea.
Additionally, their core mission is to develop their own hacking programs and computer viruses, without relying on existing external hacking tools.
In Jang’s view, North Korean hackers are technically on par with the top programmers at Google or the CIA, and they may even be better.
From their first day of education, these “black soldiers” are assigned missions and goals, divided into different groups, focusing on attacking various countries and regions, such as the U.S., South Korea, and Japan. Once assigned to a specific “national group,” hackers will spend nearly two years infiltrating that country, learning the local language and cultural knowledge to avoid detection beyond their technical skills.
Jang mentioned that one of his friends worked for an overseas department of Bureau 121 but was ostensibly an employee of a North Korean trading company. No one knew his true identity, and his company operated normally.
Due to the unique nature of cyber warfare, these young hackers can freely use the internet, quickly grasping the latest developments abroad, while also being fully aware that their country is very “closed and conservative.” However, this does not shake their patriotism and loyalty to their leader.
“Even if others were to forcibly persuade them or offer them jobs at the South Korean presidential office, they would not betray their country,” Jang stated.
Of course, becoming a hacker also means money and privileges.
Young hackers can earn a monthly salary of up to $2,000, which is twice that of a foreign ambassador. In addition, they can receive luxurious apartments of over 185 square meters in central Pyongyang and relocate their families to the capital, undoubtedly enticing conditions.
In this new era where keyboards replace missiles, the keyboards of young hackers will become the Damocles’ sword over cryptocurrencies.
This article is collaboratively reproduced from: Deep Tide.