WannaCry hackers were thought to have cashed out more than US$130,000 back in August, but researchers say the assailants, who are believed to be from North Korea, were able to take home millions in virtual currencies from a series of cyberattacks. North Korea's state-backed hackers are expected to unleash more global attacks in the future as the country continues to seek new sources of cash amid stricter international sanctions.
In an interview with Reuters, analysts whose identity have remained anonymous said the explosive growth in the value of bitcoin and other cryptocurrencies have made it an attractive cash cow for North Korea. Add to that the country's thin foreign relations as well as the international sanctions it faces over its nuclear weapons and missile programmes.
Government officials of North Korea have refuted the accusation that they were involved in the past cyberattacks, including the WannaCry ransomware that locked down many government offices and private companies around the world earlier this year.
Researchers in South Korea are firm that attacks this year on exchanges like Bithumb, Youbit and Coinis have digital imprints of hackers from North Korea. Bithumb and Coinis representatives refused to comment on the matter.
YouBit, meanwhile, has now filed for bankruptcy after losing 17 per cent of its assets from a string of cyberattacks. Reuters reported that two incidents pointed to North Korea.
According to South Korea's Chosun Ilbo report, about 7.6bn won (US$7m) worth of virtual currencies was stolen in those attacks. But Moonbeom Park, a researcher at the Korea Internet and Security Agency (KISA), told the news agency that stolen amount could be worth more than US$90bn won (US$82m).
Principal analyst at the cybersecurity firm FireEye, Cristiana Brafman Kittner, said there is no concrete evidence that North Korea is behind it all, but believed that hackers were looking at "multiple exchanges" over the past six to nine months.
"We believe that some of the criminal activity we are observing originating from North Korea is a result of the regime looking for alternative sources of revenue," Kittner told Reuters. "North Korean cyber threat actors present an immediate risk to the financial services sector worldwide."