The story begins with a member of the hacker squad, Park Jin-hyuk. As a core member of the ace squad, Park Jin-hyuk has an outstanding record.
Park Jin-hyuk (formerly known as Park Kwang-jin), FBI's most wanted, graduated from North Korea's top academic institution, employed by Chosun Expo company, writes online games and gambling software for clients around the world. Park Jin-hyuk works hard, coding during the day and hacking at night. There's a famous saying in the programming industry, "talk is cheap, show me the code". Below, Park Jin-hyuk will demonstrate his code.
Sony Pictures Hacking Incident
In 2014, Sony Pictures was preparing to release a comedy film called "The Interview", which depicted the CIA using a talk show as a pretext to stage a coup in North Korea and assassinate General Kim.
This outraged the General, who deployed the ace hacker squad Lazarus Group. Lazarus Group (also known as Peace Guard, reportedly operated by the North Korean government) threatened to launch terrorist attacks if the film was released.
Like many others, Sony Pictures was baffled, North Korea has hackers?
If you think so, you are wrong, not only does North Korea have hackers, their computer skills are even stronger than most programmers around the world! After all, programmers elsewhere don't have a gun pointed at their back, they rely on proactivity.
After much deliberation, Sony Pictures decided to release the film on Christmas Day as scheduled.
Lazarus Group was furious, feeling disregarded. On Christmas Day, Sony Pictures was hacked thoroughly. Over 100TB of data was leaked, including internal emails and social security numbers of employees. By the way, the leaked emails included correspondence between Pascal and Marvel executives, accidentally revealing why Spider-Man could appear in the Marvel Universe.
As you guessed, this was the debut battle of the ace hacker Park Jin-hyuk, which was revealed six years after the incident.
Bangladesh Bank Heist
Then, in 2016, a shocking global incident occurred - the Bangladesh Central Bank heist. If two years earlier was his debut battle, this was his breakout battle.
In February 2016, the Lazarus Group hacker organization issued 35 fraudulent instructions to SWIFT (Society for Worldwide Interbank Financial Telecommunication), requesting the transfer of $1 billion from the US Federal Reserve in New York to the Bangladesh Central Bank account.
Unfortunately, they made a small spelling mistake, which led to the rejection of the instructions. Because a word "Jupiter" was used, which is a sensitive word. Using this word triggered the warning system, automatically interrupting the execution of the instruction and re-reviewing the transaction instructions, resulting in 30 of their 35 instructions being rejected, and only 5 being executed, successfully stealing $100 million.
You might think it's over? No! They made another spelling mistake...
They transferred $20 million to an account called the Shalika Foundation, but they spelled Foundation as Fundation, causing the transaction to be audited and not completed in time, although another $81 million has not been recovered to this day.
Signature Work WannaCry 2.0 Virus
Remember the arrogant ransomware from a few years ago? It even affected the public security internal network, and the National Internet Emergency Center once issued a notice.
This virus exploited the NSA's EternalBlue exploit program to attack Windows systems worldwide through the internet, encrypting users' files using AES and RSA algorithms, and demanding ransom in Bitcoin.
Ordinary users might not care, their data isn't valuable, they could just format and reinstall the system. But for many businesses, universities, and governments, their data is valuable,
By 2018, this virus had attacked over 150 countries and regions, causing many adverse effects.
For example, the operation of the UK healthcare system was affected, some surgeries were canceled, and ambulances had to be diverted. The Hong Kong Computer Emergency Response Team Coordination Centre, the Colombian National Institute of Health, the German railway system, the Andhra Pradesh police department in India, and many others were affected, including factory shutdowns in Taiwan's Hsinchu Science Park, Central Taiwan Science Park, and Southern Taiwan Science Park, and a car factory in Japan's Hasama City.
From this, it can be seen that the General is quite professional in making money, he doesn't differentiate between friends or enemies when it comes to making money. Hence, the recent big event - the theft of $1.5 billion from Bybit.
$1.5 Billion Stolen from Bybit
Bybit is a cryptocurrency exchange based in Singapore, ranking among the top ten in the industry.
The relationship between North Korea and Singapore is quite good, Kim Jong Un's daughter Kim Jong Hui, son-in-law Jang Song Thaek, and other dignitaries visit Singapore the most. North Korea's business representation in Singapore was established earlier than South Korea's.
The 2018 meeting between Trump and Kim Jong Un, the first-ever meeting between the leaders of the US and North Korea, took place in Singapore.
As mentioned above, the General focuses on making money regardless of friends or enemies, and Bybit also suffered this time.
Here's the basic principle, the cold wallet uses multi-signature authorization, if one person's computer is hacked (it could also be a social engineering hack, bribing an insider), thereby injecting a virus to fake the transfer interface, turning the transfer operation into a contract authorization operation, and the authorizer and the other two primary confirmers didn't carefully check and agreed, then their plan was successfully executed. Subsequently, they only need to slowly transfer the funds across multiple accounts on the chain.
After this incident, Bybit launched a "Bounty Recovery Plan", offering a reward of 10% of the stolen funds. The total bounty is based on the verifiable recovery amount of the stolen ETH valued at over $1.4 billion at the time of the event. If all funds are recovered, the total bounty could be as high as $140 million. Friends, the opportunity to get rich is now!
Finally, Let's Talk About the North Korean Hacker Organization
Besides the above cases, the North Korean hacker organization has successfully executed many operations.
KuCoin exchange was hacked, Ronin cross-chain bridge was hacked, and the personal wallet of the founder of Defiance Capital was hacked. Their practical experience is extremely rich.
Since the 1980s, the North Korean government has spent a lot of effort on hacker training, internally designated as "Secret War".
A defected former member of the North Korean Reconnaissance General Bureau, Zhang Shi-lu, once explained.
North Korea started planning for cyber warfare in the 1980s with a secret plan code-named "Secret War". In his words: "Compared to nuclear bombs, our keyboards are the real weapons of mass destruction."
It's not easy to join this organization. Zhang Shi-lu's alma mater - North Korea's Automation University is the "Hogwarts" of the hacker world. Every year, 5000 people compete for 100 enrollment spots, with an acceptance rate lower than that of the Ivy League.
The selected "young hackers" undergo a nine-year "boot camp", immersing themselves in code from the age of 17, specializing in how to crack Windows systems and develop unique viruses.
Even more extreme, they also play "role-playing" - being sent to the target country to infiltrate for two years, learning the local language and culture. Some members appear to be employees of trading companies on the surface, but are actually writing attack programs behind the scenes.
You might find it strange: wouldn't these young people, who can freely access the internet, be swayed by the outside world?
Pyongyang has already calculated this. They offer hackers a monthly salary of $2000 (twice that of foreign ambassadors!), provide a 185 square meter luxury house in Pyongyang, and even allow their entire family to move their household registration to the capital. This treatment in North Korea is simply "elite", no wonder Zhang Shi-lu said: "Even if you exchange it for a job at the South Korean Presidential Office, they wouldn't blink an eye."
The most ironic part is, many of these top hackers come from ordinary families. North Korea checks the background of three generations for technical positions, but in recent years, international sanctions have forced the General to "recruit talent without sticking to one pattern".
The General earns billions of dollars in foreign exchange through cyber attacks every year, making the keyboard more useful than a money printing machine.
Imagine Harry holding a keyboard: "Ron, this thing is more useful than a money printing machine!"
Watching the dollars continuously flow into the account, the General thinks, although he only has 24 hours of usage rights per day, all these belong to the North Korean people. With this thought, he blurted out: "Your salt, my vinegar, people of Chaoshan, pay attention to rice and pots, sleep late!"
