Aurelia Butler

SEOUL (Reuters) – The nosedive in cryptocurrency markets has wiped out millions of dollars in funds stolen by North Korean hackers, four digital investigators say, threatening a key source of funding for the sanctions-stricken country and its weapons programmes.North Korea has poured resources into stealing cryptocurrencies in recent years, making it a potent hacking threat and leading to one of the largest cryptocurrency heists on record in March, in which almost $615 million was stolen, according to the U.S. Treasury.The sudden plunge in crypto values, which started in May amid a broader economic slowdown, complicates Pyongyang’s ability to cash in on that and other heists, and may affect how it plans to fund its weapons programmes, two South Korean government sources said. The sources declined to be named because of the sensitivity of the matter.It comes as North Korea tests a record number of missiles – which the Korea Institute for Defense Analyses in Seoul estimates have cost as much as $620 million so far this year – and prepares to resume nuclear testing amid an economic crisis.Old, unlaundered North Korean crypto holdings monitored by the New York-based blockchain analytics firm Chainalysis, which include funds stolen in 49 hacks from 2017 to 2021, have decreased in value from $170 million to $65 million since the beginning of the year, the company told Reuters.One of North Korea’s cryptocurrency caches from a 2021 heist, which had been worth tens of millions of dollars, has lost 80% to 85% of its value in the last few weeks and is now worth less than $10 million, said Nick Carlsen, an analyst with TRM Labs, another U.S.-based blockchain analysis firm.A person who answered the phone at the North Korean embassy in London said he could not comment on the crash because allegations of cryptocurrency hacking are “totally fake news.””We didn’t do anything,” said the person, who would only identify himself as an embassy diplomat. North Korea’s foreign ministry has called such allegations U.S. propaganda.The $615 million March attack on blockchain project Ronin, which powers the popular online game Axie Infinity, was the work of a North Korean hacking operation dubbed the Lazarus Group, U.S. authorities say.Carlsen told Reuters that the interconnected price movements of different assets involved in the hack made it difficult to estimate how much North Korea managed to keep from that heist.If the same attack happened today, the Ether currency stolen would be worth a bit more than $230 million, but North Korea swapped nearly all of that for Bitcoin, which has had separate price movements, he said.”Needless to say, the North Koreans have lost a lot of value, on paper,” Carlsen said. “But even at depressed prices, this is still a huge haul.”The United States says Lazarus is controlled by the Reconnaissance General Bureau, North Korea’s primary intelligence bureau. It has been accused of involvement in the “WannaCry” ransomware attacks, hacking of international banks and customer accounts, and the 2014 cyber-attacks on Sony (NYSE:SONY) Pictures Entertainment. Analysts are reluctant to provide details about what types of cryptocurrency North Korea holds, which might give away investigation methods. Chainalysis said that Ether, a common cryptocurrency linked to the open-source blockchain platform Ethereum, was 58%, or about $230 million, of the $400 million stolen in 2021.Chainalysis and TRM Labs use publicly available blockchain data to trace transactions and identify potential crimes. Such work has been cited by sanctions monitors, and according to public contracting records, both firms work with U.S. government agencies, including the IRS, FBI and DEA.North Korea is under widespread international sanctions over its nuclear programme, giving it limited access to global trade or other sources of income and making crypto heists attractive, the investigators say.’FUNDAMENTAL’ to NUCLEAR PROGRAMMEAlthough cryptocurrencies are estimated to be only a small portion of North Korea’s finances, Eric Penton-Voak, a coordinator of the United Nations panel of experts that monitors sanctions, said at an event in April in Washington, D.C., that cyberattacks have become “absolutely fundamental” to Pyongyang’s ability to evade sanctions and raise money for its nuclear and missile programmes.In 2019, sanctions monitors reported that North Korea had generated an estimated $2 billion for its weapons of mass destruction programmes using cyberattacks.One estimate from the Geneva-based International Campaign to Abolish Nuclear Weapons says North Korea spends about $640 million per year on its nuclear arsenal. The country’s gross domestic product was estimated in 2020 to be around $27.4 billion, according to South Korea’s central bank.Official sources of revenue for Pyongyang are more limited than ever under self-imposed border lockdowns to combat COVID-19. China – its biggest commercial partner – said in 2021 that it had imported just over $58 million in goods from North Korea, amid some of the lowest level of official bilateral trade in decades. Official numbers do not include smuggling.North Korea already only gets a fraction of what it steals because it must use brokers willing to convert or buy cryptocurrencies with no questions asked, said Aaron Arnold of the RUSI think-tank in London. A February report by the Center for a New American Security (CNAS) estimated that in some transactions, North Korea only gets one-third of the value of the currency it has stolen.After obtaining cryptocurrency in a heist, North Korea sometimes converts it to Bitcoin, then finds brokers who will buy it at a discount in exchange for cash, which is often held outside the country. “Much like selling a stolen Van Gogh, you’re not going to get fair market value,” Arnold said. CONVERTING TO CASHThe CNAS report found that North Korean hackers exhibit only “moderate” concern over hiding their role, compared to many other attackers. That allows investigators to sometimes follow digital trails and attribute attacks to North Korea, though rarely in time to recover the stolen funds.According to Chainalysis, North Korea has turned to sophisticated ways of laundering stolen cryptocurrency, increasing its use of software tools that pool and scramble cryptocurrencies from thousands of electronic addresses – a designator for a digital storage location. The contents of a given address are often publicly viewable, allowing firms such as Chainalysis or TRM to monitor any that investigations have linked to North Korea. Attackers have tricked people into giving access or hacked around security to siphon digital funds out of internet-connected wallets into North Korea-controlled addresses, Chainalysis said in a report this year.The sheer size of recent hacks has strained North Korea’s capacity to convert cryptocurrency to cash as quickly as in the past, Carlsen said. That means some funds have been stuck even as their value drops.Bitcoin has lost about 54% of its value this year and smaller coins have also been hit hard, mirroring a slide in equities prices linked to investor concerns about rising interest rates and the growing likelihood of a global recession.”Converting to cash remains a key requirement for North Korea if they want to use the stolen funds,” said Carlsen, who investigated North Korea as an analyst at the FBI. “Most of the commodities or products the North Koreans want to buy are only traded in USD or other fiat, not cryptocurrencies.”Pyongyang has other, larger sources of funding that it can rely on, Arnold said. U.N. sanctions monitors have said as recently as December 2021 that North Korea continues to smuggle coal – usually to China – and other major exports banned under Security Council resolutions.VOLATILE CURRENCIESNorth Korean hackers sometimes appear to wait out rapid dips in the value or exchange rates before converting to cash, said Jason Bartlett, the author of the CNAS report.”This sometimes backfires as there is little certainty in predicting when the value of a coin will rapidly increase and there are several cases of highly depreciated crypto funds just sitting in North Korea-linked wallets,” he said.Sectrio, the cybersecurity division of Indian software firm Subex, said there are signs North Korea has begun ramping up attacks on conventional banks again rather than cryptocurrencies in recent months.The firm’s banking sector-focused “honeypots” – decoy computer systems intended to attract cyberattacks – have seen an increase in “anomalous activities” since the crypto crash, as well as an increase in “phishing” emails, which try to fool recipients into giving away security information, Sectrio said in a report last week.But Chainalysis said it had yet to see a major change in North Korea’s crypto behaviour, and few analysts expect North Korea to give up on digital currency heists.”Pyongyang has added cryptocurrency into its sanctions evasion and money laundering calculus and this will likely remain a permanent target,” Bartlett said. More

WASHINGTON D.C (Reuters) – A severe semiconductor shortage has resulted in record wire fraud cases last year reported by desperate buyers, a company that tracks counterfeit and fraud in the chip industry said on Tuesday.ERAI Inc said in 2021 there were 101 wire fraud cases reported to the U.S.-based firm, up from 70 in 2020 and 17 five years ago.Companies looking for chips they could not find through authorized and vetted distributors were trying to buy them from shadier brokers and transferring funds for goods that never got delivered, ERAI president Mark Snider said.Reporting is voluntary and most of the wire fraud was by chip brokers in China, he said.While there is a government counterfeit parts database called GIDEP, or Government-Industry Data Exchange Program, it doesn’t allow anonymous reporting, making ERAI the main database that companies use for navigating counterfeit chip problems and reporting fraud, according to industry experts.Still, the latest data showed that the number of counterfeit chip incidents reported to ERAI in 2021 was 504 and in 2020 463. That’s a sharp drop from 963 in 2019.Snider said China’s pandemic-related shutdowns could be making it harder for counterfeiters to operate and also said counterfeits are increasingly more sophisticated, evading detection.The data was released at the Symposium on Counterfeit Parts and Materials organized by the Center for Advanced Life Cycle Engineering, a research facility at University of Maryland and industry group SMTA.Diganta Das, the counterfeit researcher heading the conference said the ERAI data was a good indication of trends.The real number, however, was likely to be significantly larger because companies fearing brand damage often prefer not to report counterfeit chip purchases. More

The current contract covering more than 22,000 port laborers at 29 West Coast ports expires on July 1. Retailers, farmers and other U.S. shippers worry that any breakdown in the often-contentious West Coast port labor talks will further disrupt cargo flows and send inflation-fueling transportation costs even higher.Walsh said he checks in weekly with the International Longshore and Warehouse Union (ILWU) and the Pacific Maritime Association (PMA) employer group. They “continually tell me that we’re in a good place. It’s moving forward,” Walsh said.In a rare joint statement on June 14, the ILWU and the PMA said they are not planning any work stoppages or lockouts that would worsen supply chain logjams.Earlier this month, President Joe Biden met with the two sides as he grapples with supply-chain disruption and inflation that are fueling voter discontent ahead of key mid-term elections in November.Asked if port automation is a sticking point in the talks, Walsh said: “There’s been no issues that I’m aware of that have come up that have made either side concerned.”Meanwhile, wary shippers are routing cargo away from the West Coast to avoid potential labor-related slowdowns, particularly at the nation’s busiest seaport complex at Los Angeles/Long Beach.That change is giving those Southern California ports, which employ the lion’s share of ILWU workers, a chance to clear backlogs. But it is also causing cargo backups at East Coast and Gulf Coast ports like New York/New Jersey, Savannah and Houston. More

Manufacturers and retailers are bracing for chaos as US Customs begins to enforce a ban on imports from China’s Xinjiang region from June 21 in response to reports of forced labour.Companies are scrambling to gauge how the new rules could affect their business and supply chains, with Asian clothing suppliers, international retail chains, US solar-panel makers and Chinese floor tile material makers among scores of groups that could see US-bound shipments seized.The ban intensifies pressure on Beijing over allegations of widespread human rights violations — including torture, arbitrary detention and forced labour — against Muslim Uyghur and other minorities in the country’s far-western Xinjiang region. China denies the claims and has warned of retaliatory measures.Signed into law by president Joe Biden at the end of last year, the Uyghur Forced Labor Prevention Act presumes that all US-bound imports traced to Xinjiang, from cotton and tomatoes to floor tile and solar panel materials, were made using forced labour and brands them as “high priority” for seizure.More than 900 shipments from the region were seized in the last quarter of 2021 by US authorities under earlier trade restrictions.But trade and business groups said the new legislation’s vague wording threatened to put the bulk of China’s $500bn in annual shipments bound for the US at risk.“The way the law is written could be interpreted as applying to other kinds of goods from other parts of China that allegedly involved forced labour at some point along the supply chain,” Doug Barry, a senior director at the US-China Business Council, told Nikkei Asia in an email.There are reports of detainees being moved out of Xinjiang to work in other parts of the country, while components produced in the region have been traced to US-bound exports shipped from elsewhere in China.Barry warned that the law could heap more pressure on pandemic-hit supply chains and stoke US inflation, already running at 40-year highs.Companies are still awaiting clear instructions from US Customs and Border Protection, Barry said.“They have released little information beforehand, and companies won’t know many of the details of what they must comply with until the date they must comply,” he said. “We are expecting implementation to be messy.”US-based Mission Solar pledged to follow the new rules, but the equipment provider said it was “difficult to know what effect it will have at this point”.Hong Kong apparel supply chain manager Lever Style, whose clients include Fila, Hugo Boss and Theory, said it was pivoting to fabric made with Indian cotton for American customers ahead of the ban.“We still buy most of our cotton fabric in mainland China, but we can quickly switch to buying fabrics in other places,” said Stanley Szeto, the company’s executive chair.Xinjiang has a booming industrial, mining and agricultural sector. Everything from peppers and walnuts to electrical equipment and polysilicon, a key material for making solar panels, ship to the US from the region. It also accounts for 20 per cent of the world’s cotton and 80 per cent of China’s domestic production.In the week before the ban, US customs issued an operations guide for companies looking to prove their products were not made using forced labour, including supply chain maps and purchase orders.A new list published on June 17 bars goods that are produced by or contain material parts made by over 20 companies including Baoding LYSZD Trade and Business, Changji Esquel Textile and Hotan Haolin Hair Accessories.US customs said it would strictly enforce the rules, which threaten to aggravate already tense relations between Washington and Beijing.China’s state-owned Global Times reported that American shoe company Skechers organised an independent investigation of its supply chain after goods manufactured in China were seized by US customs. Companies including Nike and H&M previously faced questions about Xinjiang cotton used in their products.“If the act is implemented, it will severely disrupt normal co-operation between China and the US, and global industrial and production chains,” said Zhao Lijian, Chinese Ministry of Foreign Affairs spokesperson, the week before the ban. “If the US insists on doing this, China will take robust measures to uphold its own rights and interests as well as its dignity.”Concerns also exist that US agencies lack the resources to properly vet imports and enforce the new law. But authorities say they will use a multi-layered approach tapping information from vast systems.“We don’t stop shipments just on hearsay or on one piece of information,” JoAnne Colonnello, centre director at Customs and Border Protection, told a business briefing. “We look in total at the situation, and all of the evidence involved, to ensure that we have efficient and effective targeting.”Britain’s Sheffield Hallam University released a report in mid-June documenting the use of forced labour in Xinjiang to manufacture polyvinyl chloride, a core component in floor tiling. Academics and media organisations have published reports detailing systematic use of forced labour among Uyghurs held in what critics describe as internment camps.China, which initially denied the existence of such facilities, later said they were vocational training centres designed to combat the rise of religious and separatist extremism in the region.A sweeping crackdown in Xinjiang over the past few years has repressed cultural and religious practices and prompted allegations of forced sterilisation and arbitrary imprisonment — conditions that some western governments say amount to genocide.Rights groups have urged for years that companies and brands linked to shirts, trousers and other Xinjiang-made goods be held accountable for labour conditions in the region.“If governments make it mandatory for corporations and companies to conduct meaningful due diligence — which is not easy to do in China — before they engage in their activities, I think that is something we would welcome,” said Alkan Akad, China researcher at Amnesty International.But some major corporations including Apple and Coca-Cola lobbied against the Biden administration’s import ban, saying they found no evidence of forced labour in Xinjiang’s manufacturing or supply chains.Japanese retailers Muji and Uniqlo say they expect little impact on their operations.“We do not export any products made in Xinjiang Uyghur Autonomous Region to the United States,” said a spokesperson for Muji owner Ryohin Keikaku, referring to the region’s official name. “In our business activities, we comply with the laws and regulations of each country and region, and strive to respect human rights and manage labour standards.”Additional reporting by Rurika Imahashi, Peggy Ye and Jack Stone TruittA version of this article was first published by Nikkei Asia on June 20 2022. ©2022 Nikkei Inc. All rights reserved.Related StoriesDozens of countries condemn China over Xinjiang abuse claimsUN rights chief won’t seek new term amid China backlashChina’s Xinjiang faces ‘risk of genocide’: EU parliamentIntel apologizes after Xinjiang policy sparks China backlash More