SEOUL, SOUTH KOREA - AUGUST 10: People watch a TV
People in Seoul, South Korea, watch TV coverage of a North Korean missile launch.(Photo by Chung Sung-Jun/Getty Images)
  • A confidential report prepared for the United Nations says sophisticated North Korean attacks on banks and crypto currency repositories raised around R30 billion for its development of nuclear weapons.
  • Now new detail has emerged – including that South Africa was among the small group of countries targeted.
  • According to a separate report, an African bank successfully managed to fend off a North Korean attack.
  • For more stories go to www.businessinsider.co.za.


South Africa was reportedly among the countries targeted by North Korean operations to raise money for nuclear weapons testing through cybercrime.

South Africa suffered one such attack, according to new detail emerging this week, alongside 16 other countries including Nigeria, Gambia, Liberia, Costa Rica and Malaysia – while10 attacks were supposedly launched on South Korea.

According to a confidential report prepared for the United Nations the attacks sought to set up fake interbank transfers by hijacking bank computers and infrastructure, and to steal cryptocurrency tokens through direct attacks on users as well as crypto exchanges.

Earlier in August Reuters saw a summary of the report, which said that some $2 billion, the equivalent of around R30 billion, was lost to a wave of North Korean cyber crimes.

The pariah country was engaging in "widespread and increasingly sophisticated" attacks, the report said according to Reuters, with the money going toward its development of weapons of mass destruction, specifically an ongoing project to develop intercontinental ballistic missiles.

A separate report from a Washington-based think-tank dedicated to North Korea said that the country's hackers make no strenuous efforts to hide signatures by which they can be identified. 

Reports on the summary version of the findings for the United Nations did not provide much detail. But the Associated Press has had sight of a longer version of the still-confidential document, which lists the countries targeted and some information on the nature of the attacks.

Experts told the UN that the North Korean attacks require little infrastructure, often just internet access and a computer, making for "low risk and high yield" operations.

In one instance – in a country that was not named – suspected North Korean hackers compromised a bank's ATM infrastructure to such an extent that agents spread across more than 20 countries could make 10,000 cash withdrawals. 

In South Korea cryptocurrency exchanges were particular targets, while North Korea apparently also hijacked infrastructure in order to mine cryptocurrency for its own account.

It is not yet clear what the attack vector was in South Africa, or whether the detected attack succeeded.

However, at least one bank based in Africa reportedly managed to fend off a North Korean attack. Last week UK-based security company Barac said it had helped the unnamed bank identify suspicious traffic on its network. Close analysis showed that bank infrastructure had been compromised, and small amounts of money were being funnelled to Bulgaria.

Encryption certificates used in the attack had been signed in North Korea, Barac said.

Receive a single WhatsApp every morning with all our latest news: click here.

Also from Business Insider South Africa: