Cybersecurity firm Mandiant, a Google subsidiary, has identified a group of North Korean hackers using cloud computing to conduct a cryptocurrency laundering operation.
The group is known as APT43 and is characterized by Mandiant as a “prolific threat actor operating on behalf of the North Korean regime.”
Mandiant has released a report that outlines the tactics APT43 uses to carry out its cybercrime operations, which include espionage against South Korean, European, and U.S.-based government organizations, academics, and think tanks.
- The report concludes that APT43 has targeted cryptocurrency and cryptocurrency-related services to sustain its operations, thus “reducing fiscal strain on the central government.”
- Based on its findings, Mandiant alleges that APT43 likely uses “hash rental and cloud mining services to launder stolen cryptocurrency into clean cryptocurrency.”
- Cloud mining is a method of mining cryptocurrency that involves using rented cloud computing power without having to install and run the hardware and software.