North Korea Backed Two Cryptocurrency Scams This Year, Says Report

North Korea Backed Two Cryptocurrency Scams This Year, Says Report

The North Korean government, as per a new report, has sponsored at least two cryptocurrency scams this year.

Recorded Future, the cybersecurity firm headquartered in Boston, U.S, had recently published a report in which details about these scams are given. The report, titled ‘Shifting Patterns in Internet Use Reveal Adaptable and Innovative North Korean Ruling Elite’, is based on data that the company’s research team Insikt Group had analyzed. The report’s Scope Note states “Insikt Group examined North Korean senior leadership’s internet activity by analyzing third-party data, IP geolocation, Border Gateway Protocol (BGP) routing tables, and open source intelligence (OSINT) using a number of tools. The data analyzed for this report spans from March 16, 2018 through August 30, 2018.”

While one of the two cryptocurrency scams is called Marine Chain, the other one relates to the scam coin, called Interstellar. The report says, “We have discovered an asset-backed cryptocurrency scam called Marine Chain operated by a network of North Korea enablers in Singapore, and at least one other scam coin, called Interstellar, Stellar, HOLD, or HUZU, also possibly tied to North Korea.”

The Insikt Group had detected the scam relating to the Interstellar Coin in June 2018. Cointelegraph.com reports, “The first scam coin allegedly backed by North Korea is called Interstellar coin, and was found by Insikt Group in June 2018. The coin has reportedly been rebranded a number of times, going by various names such as HOLD, HUZU, or Stellar. The latter should not be confused with the XLM token…According to the report, the HOLD coin has been listed and delisted on a series of crypto exchanges, eventually defrauding investors in a scam staking scheme.”

The Marine Chain cryptocurrency scam was detected in August 2018 and the fraudulent operations were based in Ontario. Canada. The Recorded Future report says, “We came across discussions of Marine Chain as a cryptocurrency in a couple of Bitcoin forums in August 2018. Marine Chain was supposedly an asset-backed cryptocurrency that enabled the tokenization of maritime vessels for multiple users and owners. Users on other forums pointed out that www[.]marine-chain[.]io was a near mirror image of another site, www[.]shipowner[.]io.”

The report further says, “Marine-chain[.]io has been hosted at four different IP addresses since its registration. From April 9, 2018 through May 28, 2018, marine-chain[.]io was registered at 104[.]25[.]81[.]109. During this time, this IP address also hosted a defunct crypto news site called allcryptotalk[.]net, which has not posted new content since June 2015, and the website for a fraudulent binary options trading company called Binary Tilt. This company was declared fraudulent by the government of Ontario, Canada, and dozens of users have posted testimonials of losses of tens to hundreds of thousands of dollars and scams on this site.”

Recorded Future’s Insikt Group had, in its earlier research, discovered North Korean leaders mining Monero and Bitcoin, though in a rather small scale. Recorded Group had also released, earlier this year, a report investigating potential links of some major crypto-exchange hacks with Lazarus, the North Korea-affiliated cybercrime group.

Julia Sowells960 Posts

Julia Sowells has been a technology and security professional. For a decade of experience in technology, she has worked on dozens of large-scale enterprise security projects, and even writing technical articles and has worked as a technical editor for Rural Press Magazine. She now lives and works in New York, where she maintains her own consulting firm with her role as security consultant while continuing to write for Hacker Combat in her limited spare time.

0 Comments

    Leave a Comment

    Login

    Welcome! Login in to your account

    Remember meLost your password?

    Don't have account. Register

    Lost Password
    Register