North Korea suspected of tenfold increase in Monero mining

North Korea suspected of tenfold increase in Monero mining

The authorities of North Korea are increasing mining capacities and repeatedly increased the production of Monero within the last two years. Monero attracts Pyongyang as a cryptocurrency with a high degree of confidentiality that can help circumvent international sanctions.

The cybersecurity research firm RecordedFuture released a report detailing Kim Jong-un’s regime’s efforts to use cryptocurrencies to circumvent international sanctions aimed at detering the North Korean nuclear program.

The report shows at least a ten-fold increase in Monero mining activity from North Korean IP addresses since May 2019.

“We have observed an at least tenfold increase in Monero mining activity from North Korean IP ranges since May 2019. We believe that Monero’s anonymity and lower processing power requirements likely make Monero more attractive than Bitcoin to North Korean users.”

According to the study, North Korea increased its Internet presence largely due to the more intensive use of the Russian infrastructure owned by TransTelecom. 45% of all DPRK Internet traffic is currently passing through the TransTelecom infrastructure, compared to 36% at the beginning of 2018. Moreover, on weekdays during business hours, activity of North Korean users shows a sharp surge. Given that access to the global Internet is forbidden for ordinary North Korean residents, researchers conclude that it is North Korean government high-ranked officials who enter the global Internet. The report also notes that even among officials, only selected representatives of the highest-ranking leadership and trusted members of the ruling class have access to the Internet.

For this research, Insikt Group examined North Korean senior leadership’s internet activity by analyzing third-party data, IP geolocation, Border Gateway Protocol (BGP) routing tables, network traffic analysis, and open source intelligence (OSINT) using a number of tools. The data analyzed for this report spans from January 1, 2019 to November 1, 2019.

Earlier, a group of UN Security Council experts on North Korea published a report stating that hacker groups working for the North Korean authorities are responsible for the theft of $ 2 billion from financial institutions and crypto exchanges.