A North Korean hacking group utilizes cryptocurrency theft, cryptomining, and money laundering as tools in their arsenal

A North Korean hacking group, known as APT43, has been found to utilize a unique money-laundering scheme involving stolen cryptocurrency and rented services to create clean digital currency, according to a report from Google’s Mandiant. The group, which has been operational since at least 2012, focuses on cyberespionage, but also steals cryptocurrency to fund its operations. Unlike other North Korean government-connected hackers who target large amounts of cryptocurrency, APT43 is more likely to target individuals for smaller thefts. By paying for “hash rental” or “cloud mining” services, the group can obtain clean cryptocurrency, which can be used to sustain its hacking operations. The group’s use of cryptomining has garnered mixed reactions from crypto experts, with some considering it an old money-laundering technique and others seeing it as a viable option due to the regulatory gray area of some cloud mining providers.