It is well-known that North Korean hackers, also known as the Lazarus Group, have been involved in cybercrime activities such as ransomware attacks in order to generate revenue for the North Korean government. Ransomware is a type of malware that encrypts a victim’s files and demands a payment in exchange for the decryption key.
North Korean hackers have been known to use various tactics to spread ransomware, including phishing emails, exploiting vulnerabilities in software and systems, and distributing the malware through third-party websites and software. Once a victim’s device is infected with the ransomware, the hackers typically demand a payment in the form of cryptocurrency in order to restore access to the encrypted files.
In addition to targeting individual users and small businesses, North Korean hackers have also been known to launch large-scale ransomware attacks against larger organizations, such as hospitals and government agencies. These attacks can cause significant disruption and financial damage to the affected organizations.
It is difficult to quantify exactly how much money North Korean hackers have made from ransomware attacks, as many victims may not report the attacks or pay the ransom demands. However, it is clear that ransomware has been a lucrative revenue stream for the Lazarus Group and other North Korean hacking groups.