**North Korea Again Steals $1.5 Billion in Cryptocurrency**
On February 21, the cryptocurrency exchange Bybit was hit by a $1.5 billion hacking incident, once again bringing the North Korean hacking group Lazarus Group into the spotlight.
In recent years, this organization has repeatedly succeeded, from the theft at KuCoin exchange to the heist of the Ronin cross-chain bridge, and even the hacking of the personal wallet of the founder of Defiance Capital. The mastermind behind these attacks is this mysterious hacking organization.
You may wonder how North Korea, as one of the most closed countries in the world, has cultivated such formidable power on the digital battlefield.
In traditional military fields, North Korea struggles to compete with the U.S.-South Korea alliance, but cyber warfare provides it with a strategic leverage akin to “using four ounces to deflect a thousand pounds.” Consequently, since the 1980s, the North Korean government has invested significant effort in hacker training, internally code-named “Secret War.”
Jang Se-yul, a North Korean defector who escaped to South Korea in 2007, previously attended North Korea’s top engineering school, Mirim University (now renamed University of Automation). During his university years, Jang studied courses offered by Bureau 121 alongside other hackers.
After graduation, Jang joined the North Korean government’s Reconnaissance General Bureau, where Bureau 121 operates as an elite espionage agency. It was during this time that he began to interact with the top hackers within Bureau 121.
In a later interview with Business Insider, Jang stated that the threat posed by North Korea’s cyber warfare is more tangible and dangerous than its nuclear threats. He said, “This is a silent war. The battle has already begun without a single shot being fired.”
The question arises: how does such a poor and resource-scarce country invest heavily in cyber warfare?
Jang’s answer is simple: it is cheap to train a hacker.
Generally, North Korea is divided into three major classes: the basic masses (core class), complex masses (ordinary middle class), and hostile class remnants (landlords, wealthy farmers, and other hostile elements), further divided into 56 sub-classes. These classifications are documented in the resident registration system and used during the recruitment process.
Ahn Chan-il, president of the World North Korea Research Center, stated that in the past, North Korean hackers were also evaluated based on their family background, as a decline in their loyalty to the party could pose a threat to the regime.
However, after the international community imposed comprehensive sanctions on North Korea, blocking its avenues for earning foreign currency, the country was forced to resort to cyber attacks to illegally generate foreign currency.
This opened up a special channel for cultivating cyber warfare talent, allowing for a more flexible recruitment strategy.
Jang’s alma mater—University of Automation—serves as a core base for cultivating North Korean hackers. He noted, “Each class only enrolls 100 students, but there are as many as 5,000 applicants.”
This can be seen as a “PLUS” version of university entrance exams; once accepted, becoming a hacker places one among the top 1% of North Koreans, albeit through a particularly arduous process.
Before these young hackers are deployed, they undergo nearly nine years of rigorous training, starting as young as 17.
In school, they attend six classes daily, each lasting 90 minutes, learning various programming languages and operating systems. They spend considerable time analyzing Microsoft’s Windows operating system and other programs, studying how to breach the computer information systems of adversarial countries like the U.S. and South Korea.
Additionally, their core mission is to develop their own hacking programs and computer viruses, rather than relying on existing ones from outside sources.
In Jang’s view, North Korean hackers’ technical skills are on par with top programmers from Google or the CIA, and they may even surpass them.
From the first day of their education, these “black little generals” are given missions and objectives, divided into different groups focusing on attacking different countries and regions, such as the U.S., South Korea, and Japan. Once hackers are assigned to a specific “national group,” they will spend nearly two years infiltrating that country, learning the local language and cultural knowledge to avoid revealing any weaknesses beyond their technical skills.
Jang mentioned that one of his friends worked for an overseas department of Bureau 121 but presented himself as an employee of a North Korean trading company. No one knew his true identity, and his company operated normally.
Due to the unique nature of cyber warfare, these young hackers have the freedom to use the internet, keeping abreast of the latest developments abroad, and they are well aware that their country is extremely “closed and conservative.” However, this does not waver their patriotism and loyalty to their leader.
“Even if others forcibly persuade them or offer them jobs at the South Korean presidential office, they will not betray their country,” Jang stated.
Of course, becoming a hacker also means access to money and privileges.
Young hackers can earn a monthly salary of up to $2,000, which is twice that of an ambassador. Additionally, they can obtain luxurious apartments over 185 square meters in central Pyongyang and relocate their families to the capital, all of which are undoubtedly very enticing conditions.
In this new era where keyboards replace missiles, the keyboards of young hackers will become the Damocles’ sword over cryptocurrency.
This article is collaboratively republished from: ShenChao