International sanctions experts from the United Nations are warning people not to attend a cryptocurrency conference in North Korea.

The conference, which is allegedly taking place in February, is being flagged as a potential sanctions violation, Reuters reports .

Experts have laid out their advice in a confidential report that is to be submitted to the UN Security Council later this month.

The UN has been keeping a close eye on the Asian nation and its use of blockchain and cryptocurrency.

In November last year , a UN report claimed that North Korea had laundered money through a shell company posing as a “shipping and logistics firm run on a blockchain platform.”

The UN has also been monitoring the Asian nation’s cryptocurrency-focused hacking exploits, which it says netted the country more than $2 billion. North korea has denied the UN’s claims .

Indeed, given the recent arrest of American Ethereum developer Virgil Griffith, the UN’s advice to avoid North Korea isn’t at all surprising.

Griffith is currently under investigation for allegedly travelling to North Korea to discuss how cryptocurrency could be used to evade sanctions. At the time of writing, he is posted on bail for $1 million .

North Korea’s conference mystery

North Korea first announced that it would be holding a cryptocurrency conference back in August 2018. The country allegedly planned for the event to take place two months later and last two days.

Very little information was shared, although it was said the conference would end with a meet and greet between the country’s industry leaders and experts.

An investigation by Hard Fork later found out that the event was postponed. And so far it remains unclear if the event actually ever happened, at all.

Despite lengthy correspondence with the event’s supposed organizers, just one inconclusive photograph was provided as evidence that the conference went ahead.

A year later, news surfaced that the country was preparing to develop its own cryptocurrency in order to dodge strict international sanctions. Evidence of this was also sparse.

Whatever North Korea is doing with cryptocurrency and blockchain, I don’t think we need experts to tell us to steer clear.

Blackmailers made $332,000 in Bitcoin during ‘sextortion’ scam

Cybercriminals raked in more than $300,000 in Bitcoin payments during a ‘sextortion’ email-based blackmail campaign, which was first spotted in 2017 but saw increased activity mid-last year.

According to a report by UK firm Digital Shadows, which tracked a sample of 792,000 emails as part of their analysis, criminals received some $332,000 from more than 3,100 unique sender Bitcoin addresses.

The funds were deposited in 92 Bitcoin addresses. Further analysis of Bitcoin wallets associated with these scams found that ‘sextortionists’ could be reaping an average of $540 per victim.

Hard Fork first reported on the scam in July last year after Cornell University computer science professor Emin Gun Sirer publicized it on Twitter.

Targetting victims

Cybercriminals followed a similar modus operandi throughout the campaign.

Firstly, the extortionist would provide the target with a known password as “proof” of compromise and would then claim to have video footage of the victim viewing adult content online. The criminal would then ask for a ransom to be paid into a specific Bitcoin address.

Interestingly, the report revealed ways in which scammers sought to hire new accomplices to target high-net-worth individuals with considerably high salaries  – with some offering the equivalent of $360,000 per year. Those with network management, penetration testing, and programming experience, could expect to earn more – with one threat actor willing to pay $768,000 (£600,000) per year.

The report also reveals how criminals are making good use of social media networks to target their victims. A report by The Independent mentions LinkedIn specifically, but it’s worth noting that other networking platforms were also targetted.

Sophistication levels

According to researchers, the scammers‘ capabilities varied in terms of skills.

Some showed little understanding of how to put together and distribute emails on sizeable scale, often sending badly produced emails which failed to get past a mail server or spam filter.

On the other hand, some campaigns showed a higher level of sophistication, with many emails being sent from purposely created outlookom addresses.

The report also shows the campaign was launched on a global scale, with servers based across at least five different continents. Sender IP location information shows the highest amount of emails in the sample studied were sent from Vietnam (8.5 percent), followed by Brazil (5.3 percent), and India (4.7 percent).

This data may help paint a clearer picture of attackers’ whereabouts, but it’s important to note that the email servers could also have been compromised by the scammers themselves.

Monetizing the data

Cybercriminals are getting creative when it comes to monetization.

In the second half of 2018, prominent extortionist thedarkoverlord (TDO) re-emerged from a short hiatus, but with a different methodology.

Instead of extorting victims directly, TDO looked at selling stolen data in batches on criminal forums, in turn resorting to a more unusual tactic: online crowdfunding campaigns.

Initially, TDO used TheRealDeal, a dark web criminal forum, to sell data sets. When the forum ceased to exist, TDO began contacting victims directly and demanding ransom payments to prevent the public release of sensitive information. TDO also taunted victims on Twitter.

Then, around September last year, TDO reappeared on KickAss, a hacking and insider community, to recruit accomplices and to profit from data sets.

Sign this petition to stop Craig Wright from copyrighting the Bitcoin white paper

An online petition to remove Craig Wright‘s name from a copyright claim submitted earlier this week has surfaced after his latest effort to lay claim to the fact he authored the original Bitcoin white paper.

In an attempt to scratch his latest patent filing fetish itch , the Satoshi Nakamoto impersonator tried to put his name against the Bitcoin white paper and code by filing a registration with the US Copyright Office, CoinDesk reported yesterday .

Naturally, the cryptocurrency community hasn’t taken this lying down. One enterprising individual took it upon themselves to make a Changerg petition to remove Wright’s name from any copyright documents associated to Bitcoin.

At the time of writing, the petition has 146 signatures, and that number is rising by the minute. The petition appears to have been started on May 22, according to Changerg.

Unless you’ve been living with your head under a rock, Wright has continually claimed to be the original creator of Bitcoin, also known as Satoshi Nakamoto. However, on more than one occasion , he has failed to provide substantive evidence that this is true.

I signed the petition, you can too by clicking here .

(Not that Changerg petitions ever lead to any real change – consider it a public barometer of disdain.)