According to cybersecurity firm Inksit Group, state-funded hackers in North Korea have been targeting crypto exchanges in South Korea to circumvent various sanctions imposed on the regime.

The security firm alleged the government of North Korea of running illicit initial coin offering (ICO) projects and breaching into large crypto exchanges.

“We discovered that North Korea’s ruling elite are technologically savvy, use a full range of older and cutting-edge computers, phones, and devices, use the internet as a tool for sanctions circumvention, and recently shifted to embrace Chinese social networking services over Western ones,” the Inksit Group said.

Why North Korea is Targeting Cryptocurrency

Like Iran, North Korea is isolated from the SWIFT network, the global financial system which international banks utilize to process cross-border payments. Consequently, it has become significantly difficult for North Korea to trade products and conduct businesses with international companies.

In January, Inksit Group and Recorded Future claimed that North Korea was behind several high profile security breaches suffered by South Korea’s cryptocurrency exchanges.

In a report entitled “North Korea Targeted South Korean Cryptocurrency Users and Exchange in Late 2017 Campaign,” the cybersecurity firm stated that identical malware used in the Sony Pictures hacking attack and WannaCry ransomware was used in breaching into Coinlink, a local cryptocurrency exchange.

At the time, Inksit Group alleged Lazarus Group, a state-supported hacking organization in North Korea, for taking part in the Bithumb attack. Lazarus Group is suspected of having distributed Hangul Word Processor (HWP) files, which are equivalent to Microsoft Word documents in South Korea, to target employees of crypto exchanges.

This week, Inksit Group emphasized that the North Korean regime has continued to target local cryptocurrency trading platforms in South Korea.

“Broadly, these types of cryptocurrency scams fit the template of low-level financial crime described by defectors that has plagued South Korea for years, and that the international community is just beginning to track. It is a natural step for both a group of actors that has been so embedded in the cryptocurrency world for years and for a network that is being forced to innovate new funding streams to counter the effects of international sanctions.”

Marine Chain

The report also alleged North Korea for running a fraudulent ICO project called Marine Chain. The researchers stated that a network of North Korea “enablers” in Singapore created various ICO scams including HOLD.

Capt. Foong, who was listed as the CEO of Marine Chain at the time of the token sale, is said to be a contractor to several Singaporean countries that helped North Korea sanctions circumvention efforts for over five years.

“The companies Capt. Foong has worked for have been linked to manipulating the national flag registries for three countries, which were frequently used as flags of convenience for North Korean vessels,” the report read.

Aware of the efforts of hacking groups targeting cryptocurrency exchanges in South Korea, several government agencies have required digital asset trading platforms to focus on the implementation of strong security measures to prevent breaches and obtain insurance to protect user funds.

Bithumb, the largest cryptocurrency exchange in South Korea by trading volume, was hacked less than four months ago by the same hacking method it suffered from in July of 2017

This post is credited to ccn

A small Bitcoin exchange based in Alberta, Canada, has gone offline. Before their Twitter page went offline, MapleChange had announced on Twitter that they “[had] no more funds to pay anyone back.”

In the way of an explanation, the exchange had, approximately one hour before deleting its Twitter page, said that a “bug” had enabled “some people” to withdraw all of the funds on the exchange. Educated readers may recall a time when Mt. Gox claimed similar problems. The handling of the two cases by their administrators was dramatically different. In the case of Mt. Gox, attempts were made to repair the damage, although they resulted in worse damage. They went so far as to near-nakedly manipulate the Bitcoin price in an attempt to recoup lost customer funds before anyone found out.

The MapleChange Twitter account possessed less than 2,000 followers.

By contrast, Coinbase has over 1 million followers on Twitter and lesser-known altcoin exchange C-Cex has nearly 100,000. In short, cryptonaughts are generally highly active on Twitter and the viewership on that platform is a semi-decent way to judge the popularity of a product or service in the space.

Experts, Customers Fear Exit Scam

bitcoin exchange hack
Source: Twitter

It’s been some time since we were able to report on a good old-fashioned exit scam. In the crypto space, we have primarily seen them in gambling, the dark web, and exchanges. The recipe is basic: gather trust of some clientele, get all their funds in one place, and run off with the money. It doesn’t actually matter the method by which you run off with the money, whether you claim a hack or simply up and disappear. The less-frequent (today) practice is precisely where the old wisdom of keeping one’s coins off exchanges and the like overnight comes from. You never know what’s going to happen next, and in cryptocurrency, you don’t have anything if you don’t have your own private keys. It’s just the nature of the thing.

Unfortunately, the MapleChange “hack” has all the signs of an exit scam.

For starters, there’s no need for the exchange to delete its social media pages or completely disappear in quite the fashion it has. There is no question that it is in debt to a number of depositors, gratefully a likely small number, but in business such things happen, and that’s what insurance or bankruptcy courts are for.

The short span of time between the announcement of the “bug” and the total disappearance of the exchange or its operators is another signal.

The domain itself, registered at GoDaddy by one “Flavius P,” is suspect. Most professional operations go to some lengths to be above board, especially those that handle other people’s money.

The timing of the problems is another significant factor in guessing that this is not a hack or a bug at all, but rather an elaborate, premeditated scam. As you can see by’s recent traffic statistics, they were most probably doing more business over the last week than they had in recent times. If they are guilty of fraud, they struck early on a Sunday morning when they likely expected most clients to be sound asleep.

This story will be updated as new information becomes available. MapleChange representatives are welcome to reach out to CCN with more information.

This post is credited to ccn