A cybersecurity company said it has found software that appears to install code for mining cryptocurrency and sends any mined coins to a server at a North Korean university, the latest sign that North Korea might be searching for new ways to infuse its economy with cash. The application, which was created on Dec. 24, uses host computers to mine a cryptocurrency called Monero. It then sends any coins to Kim Il-sung University in Pyongyang, cybersecurity firm AlienVault said. “Cryptocurrencies may provide a financial lifeline to a country hit hard by sanctions, and as a result, universities in Pyongyang have shown a clear interest,” the California-based security firm said in a release, adding that the software “may be the most recent product of their endeavors.” The company added a caveat that a North Korean server used in the code does not appear to be connected to the wider Internet, which could mean its inclusion is meant to trick observers into making a North Korean connection.
Kim Il-sung University did not immediately respond to requests for comment. Government officials representing North Korea at the UN were not immediately available for comment. Others have flagged increasing signs of North Korean interest in cryptocurrencies and their underlying blockchain technology. “With economic sanctions in place, cryptocurrencies are currently the best way to earn foreign currency in North Korea’s situation. It is hard to trace and can be laundered several times,” ESTsecurity chief analyst Mun Chong-hyun said. Cryptocurrency watchers say technical details of Monero, the 13th-largest crypto asset in the world, according to
www.coinmarketcap.com, make it more appealing than bitcoin to those who value secrecy.
Monero funds go to an unlinkable, one-time address generated with random numbers every time a payment is issued. That makes it less traceable than bitcoin, for which transactions can be linked to specific private addresses, cybersecurity experts said. Marshal Swatt, an expert in blockchain technology and financial exchange, said cryptocurrencies’ independence from government regulation — and sanctions — make them logical choices for covert transactions. Cybersecurity firm FireEye in a November blog post cited a series of North Korean activities against South Korean cryptocurrency targets such as exchanges. “It should be no surprise that cryptocurrencies, as an emerging asset class, are becoming a target of interest by a regime that operates in many ways like a criminal enterprise,” analyst Luke McNamara wrote.
In early November, Federico Tenga, the Italian cofounder of bitcoin start-up Chainside, posted on Twitter photographs and comments on his visit to the Western-funded Pyongyang University of Science and Technology to lecture on bitcoin and blockchain. “The lectures were at a quite basic level to give a general understanding of blockchain technologies, which are also very relevant to trade, supply chains and other e-business,” a university spokesman said. “We believe this teaching can give the next generation of North Korean professionals additional concepts that may be valuable as they seek to develop their country,” the spokesman added. “We’re acutely aware of issues around sanctions, which we keep under regular review and take care to avoid any sensitive or proscribed areas.”
MORE