Apt 38 is an elite group of North Korea’s most capable hackers, and they are sponsored by the government, according to reports.
The group, called Cheollima Civil Defense, is selling some 200,000 visas to a future free North Korea, in hopes of raising as much as $27 million selling the citizenship documents on the blockchain.
Hacking on individual crypto wallets have increased based on cybersecurity firm Cuvepia, who indicated that the company had recently uncovered more than 30 attacks.
The North Korean state has been flagged as a persistent bad actor in crypto circles, hacking into South Korean exchanges as well as setting up their own fake ICOs to raise money for the regime.
To avoid the economic sanctions imposed by the United States, North Korea has reportedly been using cryptocurrencies “increasingly,” according to two Washington-based financial analysts.
A report by South Korea's state-run Korea Development Bank (KDB) suggested that North Korea has been mining cryptocurrencies, albeit on a small scale.
Called "Korean International Blockchain Conference," the inaugural blockchain conference is hosted by the Democratic People's Republic of North Korea (DPRK) in the capital city of Pyongyang, starting Oct. 1.
Dubbed Ryuk, there are suggestions the ransomware attacks could be linked to a North Korean hacker group known to rely on BTC ransom payments.
The ban kicks on March 9, but some say their cryptocurrency accounts—and their funds have already been frozen without a heads-up.
North Korea has been engaging in related cybercrime attacks, with mounting evidence pointing to a specific unit called Lazarus, according to South Korea.