North Korea’s Bitcoin Play

As the digital currency bitcoin traced one of its meteoric ascents, a plum job posting began circulating online: chief financial officer for a rapidly expanding bitcoin financial-services company based in London. Although the company was real, the job had been dreamed up by North Korean hackers, according to Secureworks Inc., a cybersecurity company that discovered a document with the fake job description in November. It was meant to circulate by email among people in the bitcoin world. If someone clicked on it, a prompt would explain that it was created by a later version of Microsoft Word and that the user needed to “enable editing” and “enable content.” Doing so would install a piece of malicious code. While many digitally savvy people would presumably know better, such attacks can pay off if they hit just a few distracted recipients.

The hackers could have been after any number of things, but they were most likely trying to break into personal or corporate stashes of bitcoin and other so-called cryptocurrencies. For North Korea’s rogue regime, the emergence of bitcoin provides new revenue possibilities to get around increasingly stringent sanctions. Its price has soared from under $1,000 at the end of 2016 to more than $16,000, and it can move quickly and largely anonymously across borders. “It’s a perfect mechanism for North Korean money,” says Joshua Chung, a senior security researcher in Secureworks’ counterthreat unit, which tracks new computer attacks and vulnerabilities.