الصفحة الرئيسيةمقالات
هل سيتدخل المنظمون إذا استخدمت كوريا الشمالية التشفير المسروق لصنع أسلحة نووية؟
هل سيتدخل المنظمون إذا استخدمت كوريا الشمالية التشفير المسروق لصنع أسلحة نووية؟
By CoinUnited
Attacks have increased in number and severity, prompting authorities to show their fangs and demand action. Regulation might expand, discouraging investors and slowing innovation, if the crypto community is unable to counter the North's criminal effort.
Its beliefs, customs, and practices are looked down upon and even mocked by others. This country is so undemocratic that even its official name, the Democratic People's Republic of North Korea, is a punchline. Kim Jong-un, leader of North Korea, wields a hammer tipped with uranium. And yet, our politicians do little to stop Kim Jong-un or alleviate the pain he causes.
We are stuck with no genuine options because of Kim's massive nuclear arsenal. Once North Korea demonstrated its ability to build nuclear bombs in 2006, it joined the United States, Russia, China, and all the other nuclear powers in a standoff in Mexico in which the first country to fire would likely destroy all life on Earth. The number of nuclear bombs in North Korea's arsenal has increased since 2006, with current estimates placing that number at over a hundred. In addition, the country now possesses long-range ballistic missiles capable of striking the United States. Whether or not the Little Rocket Man would ever actually utilize these weapons of mass destruction is an open topic.
As Cyberwarfare Enters the Arena
Although Kim's late father, Kim Jong-Il, showed a lot of interest in military matters, including nuclear weapons, Kim has moved his attention in recent years to cyberwarfare. If the internet is a pistol, cyberattacks are like autonomic bombs, stated Kim Senior in the Electronic Warfare Reference Guide (2005). His follow-up statement was, "Electronic warfare is the deciding factor in modern battle." The new Kim enjoys the internet and technology just as much as his father did.
It is generally agreed that the Kim family's policies are driven by two things: increasing North Korea's military power through nuclear weapons and improving the country's dire economic situation. This second, poverty-related aspect is frequently disregarded.
60% of North Koreans [2020 report] are in absolute poverty, which implies they do not have enough money to buy food, clean water, a safe place to live, or enough clothing and shelter. The North's GDP is only $28 billion, which is not a lot for a country of 25 million people (Elon Musk made $121 billion last year), and almost all of its trade earnings come from just one ally: China. At just $1,700, the country has a GDP per person that is lower than Afghanistan. Even worse, Kim's unwillingness to relinquish his nuclear weapons has cut off help to the North Korean people from other countries.
When we add Kim's insatiable appetite for military expansion to these economic issues, it becomes clear why he never lets up in his persistent cyberattacks against banks and crypto platforms. Kim's strategy of stealing from his rivals rather than directly attacking them makes complete sense considering that cyberattacks are not only cheap compared to traditional warfare but profitable as well. Moreover, since it is typically difficult to determine who is behind a cyberattack, North Korea has some wiggle room in denying responsibility (although their denials often prompt snorts of laughter and derision, as you will see later).
No one knows the inner workings of Kim's cyberwarfare teams, the number of operators he employs, or the nations they are based in. We haven't even decided on a name for Kim's cyber operatives yet. They'll use a new name to hack a couple of businesses, then swap it to something else. Guardians of the Peace, IsOne, WhoIs, NewRomanic [sic] Cyber Army, and Hidden Cobra are just a handful of their past aliases. Many people think that most of North Korea's financially driven cyberattacks are the work of a single team known only by one name: the Lazarus Group, because Kim's hackers utilize the same methods and tools again and over again under various aliases.
However, the United States Army believes there are at least 1,700 cyber professionals split between two groups called BlueNorOff and AndAriel. The former is directed against banking services like crypto exchanges, while the latter is directed at NK's long enemy roster. Some 6,000 operatives, according to other reports (mainly defectors), are secretly working for Lazarus all over the world, with many of them based in China (although the Chinese government vehemently disputes this). All of North Korea's cyber operatives may be part of Lazarus, or perhaps only a select handful. They might all share an office block in Pyongyang, or they could be dispersed throughout the globe and work together virtually. Lazarus has already stolen billions of dollars from unwary financial institutions throughout the world, and more will definitely come, regardless of its genuine size and strength.
No one mentioned Lazarus at the time, but future attacks were linked to the same set of tools and methods. Between 20,000 and 50,000 machines, primarily in South Korea, were compromised by Lazarus agents who then used them to flood servers and websites with traffic (called a distributed denial of service, or DDoS attack). The White House, Pentagon, NYSE, and the Washington Post were among the sites attacked in the initial round of cyberattacks on the United States and South Korea. Administration, security, defense, and intelligence sites were particularly hard hit by the second round of attacks, which targeted only South Korean targets. Finally, in the third wave, the National Intelligence Service and a number of the country's top banks were hit. It is unclear how much these assaults cost the economy, but lost income is likely to be in the hundreds of millions of dollars because so many firms had to close due to the attacks.
The Law Is Starting to Close In
It is notoriously difficult to attribute a cyberattack to a specific individual, organization, or nation-state unless the perpetrators come out and admit responsibility. It wasn't shocking that nobody, not even Kim, took responsibility for disrupting South Korean infrastructure.
Despite hackers' best efforts to conceal their identities, it is occasionally feasible to determine where an attack originated. When investigating the incident initially, South Korean authorities uncovered evidence linking Lazarus to the attack. Moreover, after some time had passed, investigation had shown that Lazarus had really recycled the Operation Troy malware in subsequent operations. On March 20, 2013, one of these strikes began; it was codenamed "Operation Dark Seoul."
Before hackers crippled the network services utilized by dozens of media and financial institutions, the day in question had seemed like any other chilly and wet March day in South Korea. The computer networks of three network stations and a bank crashed, knocking off their broadcasts, automated teller machines, and mobile applications. The media had already speculated that Kim and company were to blame before the uncomfortably strange texts surfaced; after all, Kim doesn't exactly have a rabid fan club outside of Pyongyang. Additionally, the appearance of pro-Kim blogs provided conclusive evidence that Lazarus was responsible for the cyber assaults.
A multi-year cyber campaign was ultimately traced back to the North Korean government thanks to the findings of malware experts a few years after the attacks had ended. As they examined the code, they discovered dozens of similarities between the Dark Seoul malware and the malware used in the North's past strikes against South Korea.
After being charged by American and South Korean intelligence agencies that Kim was behind the Dark Seoul cyberattack, Kim's authorities claimed that the United States and South Korea had launched the first cyberattack. Claiming innocence and provocation at the same time is an odd defense strategy, but for Kim, it's just another day at the office.
Although Lazarus' reputation as a formidable cyber force had already been established thanks to the Dark Seoul assaults, it wasn't until November 24, 2014 that the world took notice. On that particular Monday, Sony workers showed up for work anticipating the regular grind, only to discover their displays stuck on a pixelated red skeleton emblazoned with the words "Guardians of Peace" and several threats (image below). A report that Sony Pictures had been hacked appeared on Reddit shortly afterward.
Some speculated that the "Guardians" title may not actually refer to a new hacking outfit but rather serve as a diversion.
Sometime later that day, sensitive information belonging to Sony began to appear online. Numerous unreleased scripts and films were among the tens of thousands of social security numbers and millions of emails that belonged to employees. The media wasted little time in sifting through the hacked emails, and long juicy conversations about Hollywood stars like Angelina Jolie and Charlie Sheen were revealed.
The hackers warned that if the movie wasn't put on hold, much more embarrassing information will leak online. Sony and the U.S. intelligence services took notice of this demand since it didn't make any logical sense.
Seth Rogan and James Franco (above) play journalists who travel to North Korea after being invited by Kim Jong-un for an interview. The actual Kim Supreme was rather irritated by the release of the teaser trailers for The Interview, which portray Kim as a deranged madman who is just waiting to be assassinated.
Kim had already voiced his reservations about the film to the United Nations months before the Sony hack.
When the hackers' demand became public knowledge, U.S. intelligence agencies officially blamed Kim and his Lazarus hackers. Technical analyses and parallels between the hacking tools and malware used in Sony's hack and previous assaults blamed on Lazarus were also offered as proof. The issue of "who's to blame" for Sony's hack was finally answered when the FBI, during a follow-up investigation, discovered many proxy IP addresses that came from someplace in North Korea.
Despite the mountain of evidence against Kim, his media spokespeople vehemently denied his guilt, saying things like "the hacking into the SONY Pictures might be a righteous deed of the supporters and sympathizers with the DPRK in response to its appeal [that the film be shelved]" and "we do not know where in America the SONY Pictures is situated." The second response ("we do not know where...SONY Pictures is") suggests that NK's spies are unable to find the company's address despite the country's demonstrated nuclear and cyber capabilities. For the record, you can get Sony's corporate address in "0.83 seconds" with a quick Google search. It's also on the free encyclopedia.
After the Sony hack occurred in 2014, it took the United States Department of Justice until 2018 to formally prosecute a member of Lazarus for his involvement. Park Jin Hyok was the hacker, and the FBI is still looking for him.
According to testimonies provided by defectors, Kim has instituted a cyber scouting program in which teachers choose exceptionally gifted pupils in mathematics at an early age (as young as twelve) and prepare them to become cyber warriors. Those who are selected are pulled out of school and sent to Pyongyang, where they are trained by cyber professionals (perhaps Lazarus members) to wage cyberwar and become the next generation of Lazarus hackers.
As opposed to fighting, why not just rob?
The first financially driven cyberattack was carried out by Lazarus in the second week of 2015. After posing as bank employees, they called Wells Fargo and requested a $12 million wire transfer from the Banco del Austro to their own accounts in Hong Kong. The hackers used the worldwide financial system SWIFT, although both SWIFT and Wells Fargo have denied responsibility for the security lapse.
In May and October of the same year (2015), Lazarus conducted two further assaults, in the Philippines and Vietnam respectively. However, its attempts to steal $1 million from Tien Phong Bank in Vietnam and to conduct probing assaults on a large number of Filipino institutions were unsuccessful, in contrast to its activities in Ecuador. Both hacks were reported in the media, but neither was initially ascribed to Kim or Lazarus. Almost a year later, after one of Lazarus's boldest hacks, the Bangladesh Central Bank theft, this occurred.
The unfortunate recipients of these emails opened attachments that contained Lazarus Group malware. With the use of this malware, Lazarus was able to exert near-total control over the bank's network, including its internal accounts and money transactions. Despite having access to sensitive information for nearly a year, the hackers surprisingly showed discipline and didn't use the vulnerability.
Lazarus initiated the first of 35 unsuccessful transfers from the Bangladesh Bank's New York Fed account at 20:36 EST on February 4, 2016.
Almost immediately, Kim's expectations of being paid and buying some new, flashy nuclear weapons were dashed by the unlikeliest of security measures: a single printer on the bank's 10th floor that printed every single transfer from the accounts as it happened. Before the crime, Lazarus hackers had discovered the printer and disabled it through hacking its software. The bank employees, however, quickly recognized the printer's error and restarted it. After powering back up, the printer spit out hundreds of papers revealing fraudulent withdrawals of $951M from the company's U.S. account. United States Treasury Department's Federal Reserve. When the bank tried to contact the Fed for assistance, they were unable to reach anyone.
It was 8:45 am local time when the bank found out about the fraudulent transactions, so most of the employees were at their desks and ready to help. The only personnel who could have helped were at the Fed office in New York, USA, and they didn't start work until 22:00. As a result, the vast majority of Fed workers were not present during the time of the theft and were powerless to prevent the bank's destruction. Lazarus almost pulled off the greatest robbery in history by taking advantage of the time difference between the United States and Bangladesh. Thankfully, Kim's dreams of a billion dollar payout were destroyed by pure chance.
A member of Lazarus made the disastrous decision to deposit the stolen cash in an RCBC bank on Jupiter Street in Manila. To Lazarus, this bank's street address would have appeared quite ordinary and harmless; but, given slightly different conditions, the robbers may have gotten away with significantly more money than they really did. When the first cash of stolen funds landed at a bank with the same name as an Iranian transport vessel that had recently been sanctioned by the Fed, suspicions were raised. Despite the Fed's best efforts, they were unable to stop the first $five transactions totaling $101 million before the others were examined and blocked.
Kim was disappointed because it was just 1% of her target.
It seems that in the wake of the Bangladesh robbery, Lazarus and company decided to switch their focus from banks and other financial institutions, who have extremely strong security mechanisms in place, to cryptocurrency platforms. This appears to be a horrible idea at first look. One could assume that crypto services offer greater safety than traditional financial institutions like banks.
Blockchains are the backbone of cryptocurrencies and platforms like Ethereum (they work without a central controller approving everything, like a bank). There are many reasons why apps and services built on decentralized platforms are preferable to their centralized counterparts. These include the fact that they are more secure because they lack a central point of failure, the fact that they operate trustlessly (without intermediaries), and the fact that blockchain data is often public and cryptographically verified. While cryptocurrencies themselves have a high level of security, centralized (CeFi) exchanges do not.
Since April 2017, Lazarus has been actively attacking these CeFi exchanges, which should come as no surprise.
On April 22, 2017, Lazarus penetrated four of Yapizon's hot wallets, where the vast majority of customers' cash were kept. A third of Yapizon's cash, or 3,816 BTC (at the time, roughly $5M), were stolen by hackers.
Bithumb was the fourth largest crypto exchange in the world in terms of volume in late 2017, making it one of the busiest in South Korea. Staff members didn't suspect anything when significant amounts of crypto disappeared from the company's wallets, despite the firm's size and respectable reputation. Users discovered they couldn't withdraw money until the Bithumb staff took action. The company went silent for two days before admitting that hackers had breached an employee's computer using social engineering to steal $7 million in cryptocurrency and the personal information of 31,800 customers.
Kim's hackers didn't waste any time after their initial successful hack on Yapizon before striking again, utilizing the identical method that had brought them success the first time. This time they made off with 4,000 Bitcoin, or 17% of the exchange's total assets. It took South Korean intelligence a few weeks, but they eventually pin the hacks on Lazarus.
Bithumb appears to have learned little from its previous hacking, much like Yapizon. What's worse is that they repeated the $20 million exchange in 2019. Kim's hackers contacted Bithumb during the first breach and sought a $16M ransom in exchange for user credentials they collected during the first hack, according to a study of Bithumb's breaches commissioned by the U.S. Secret Service.
Lazarus's members pulled off their largest crypto heist to yet, stealing $62 million from NiceHash, right before the end of 2017. Like the Bithumb hack earlier this year, it was NiceHash customers who first discovered their money was stolen. The CeFi exchange afterwards issued a statement saying, "our payment system was infiltrated and the contents of the NiceHash Bitcoin wallet have been taken." Many people suspected NiceHash's creator, Matja korjanc, of being involved in the heist, although at the time it was unclear whether Lazarus operatives or another organization were responsible. However, in 2021, an indictment was brought in the United States against three known Lazarus agents (Jon Chang Hyok, Kim Il, and Park Jin Hyok) for a range of cybercrimes, including the NiceHash hack.
Blockchain: A Helpful Tool for Law Enforcement?
After all, the decentralized nature of blockchain was designed to discourage money laundering. If so, how did Kim's cyber gang steal so much money from institutions that are meant to be safe? Cryptocurrencies are not broken, and it is not easy to withdraw funds from stolen crypto.
As is typically the case when fencing stolen riches, the benefits would not outweigh the costs. After Peruggia's arrest, he was sent to jail, and the painting was restored to the Louvre, where it had originally been shown.
Ironically, since paintings aren't recorded on a public, immutable ledger, selling stolen crypto can be just as difficult as fencing stolen artworks, if not worse. Coinbase and Binance both have necessary, strict KYC checks, so it's unlikely that Kim or a Lazarus member would be able to sign up for an account there without a lot of hassle.
There are, however, methods and programs that Lazarus (and other hackers) employ to cash their stolen crypto. Currently, the most popular of these is the currency mixer, which allows criminals to hide the origin of their stolen cryptocurrency by mixing it with that of other users.
They put the stolen ether and bitcoin into a mixing service, wait a few days, and then use the purified money to trade on decentralized exchanges (DEXs). At some point, after being purified, the crypto makes its way to an Asian CeFi exchange, where Lazarus makes a deal for fiat cash that he then deposits into accounts controlled by Kim.
If you recognize the name, it's because Tornado has been receiving a lot of negative attention lately for assisting Lazarus in cleaning their stolen crypto. The United States government was aware of this, and in August of this year, officials placed penalties on the Tornado platform, alleging evidence that it had laundered over $7 billion in crypto since 2019. Meanwhile, in mid-August of this year, the Dutch government detained an accused developer of Tornado Cash, which infuriated the crypto industry. It was claimed by many that law enforcement shouldn't go after engineers who create legal software tools, even if criminals end up using them.
The regulatory effort to end Kim's cybercrime campaign has clearly increased, regardless of our views on the legality and ethics of the sanctions and arrests that have been implemented. They probably had good cause to: according to a report published at the end of 2018 by the cybersecurity firm Group-IB, Kim's hackers made $571M through attacks on crypto exchanges over the course of the preceding 24 months.
The attacks didn't stop with NiceHash and Bithumb, of course. Lazarus targeted the UpBit exchange in South Korea in November of this year. The $50 million in stolen assets were never recovered, but at least they weren't taken from customer accounts. After the hack, UpBit stopped all transactions for nearly seven weeks before reopening to users. Despite its troubled past, the exchange is still active at present, with the hopeful slogan "Most Trusted Digital-Asset Exchange" prominently displayed on its homepage.
Within a short time after the UpBit hack, the UN estimated that Kim's cyberattacks had cost $2 billion. In addition, at the time, analysis from Chainalysis suggested that the Lazarus Group was responsible for an astounding 70% of all crypto thefts in 2019. We can only guess how Kim spent this money, but a safe bet is on his favorite pastime: the development of larger and more powerful intercontinental ballistic missiles.
In early September, perhaps due to a breach, hackers gained access to the exchange's private keys for its hot wallets. This gave them range to $275M worth of Bitcoin, Ethereum, and other ERC-20 tokens. As a pleasant and unexpected twist of fate would have it, however, it appears that the majority of the lost funds have been recovered. KuCoin's CEO Johnny Lyu subsequently clarified that his team had recovered $236M (or 84% of the stolen monies) through coordination with partners and other platforms, and that the remainder had been covered by insurance. What would have been Lazarus' largest score to date was ultimately foiled by a well-organized and cohesive crypto community.
You may recall that the Covid-19 epidemic peaked in September of 2020. In response, countries closed their borders, airlines canceled their flights, and the global economy came to a standstill. North Koreans suffered more than average because to the country's extensive poverty, inadequate infrastructure, and near list of international supporters. Kim had little interest in engaging with the West, even briefly, while other nations partnered to establish Covid testing and vaccines. He instead attempted redemption via theft.
Back in March of 2020, while the epidemic was just beginning to spread, Kim's cyber troops began breaking phishing emails and false job applications laced with malware to healthcare and pharmaceutical companies. It's unclear what they were actually looking for, but vaccination formulas seem like a good guess. Even in 2021, healthcare companies were still a target of the Lazarus cyberattack, when the group targeted Pfizer, a pharmaceutical company in the United States that collaborated with BioNTech to develop a vaccine against the endemic Covid-19 virus. According to Microsoft's analysis of the assaults on healthcare and pharmaceutical organizations, Lazarus was attempting to hack into many more businesses than Pfizer.
There is little to show that North Korea's attacks on pharmaceutical corporations were successful. Unfortunately, the same cannot be said of crypto, since Lazarus will siphon over $400 million from sites using crypto in 2021. Cryptocurrency's worldwide market cap breaking several all-time highs and increasing the value of their plunder is a major factor in the phenomenon. The Japanese CeFi exchange Liquid.com was Kim's biggest score that year, yielding $91M in 67 different ERC-20 tokens, Bitcoin, and Ether. Similar to the aforementioned crypto attacks, Lazarus gained access to the exchange's hot wallets and then moved assets to themselves before laundering it through Tornado Cash.
According to the findings of Chainalysis, after the Liquid.com hack, North Korea had around $170M in stolen crypto spread over several wallets. Several factors contribute to this, the most important being that crypto exchanges like Tornado aren't a magic bullet against crypto laundering. The monies will be alright if the hacker can get them through the mixer before anybody notices the hack. However, nowadays, crypto platforms have warning bells that go off when they are hacked, allowing them to trace the stolen money before it reaches a mixer. They may then use community assistance to keep tabs on the money and even temporarily block it before it reaches a mixer, as was the case with the KuCoin hack. It's also conceivable that Kim and the gang are long on cryptocurrency and are waiting for its value to rise before turning it into cash.
Lazarus has broken into two major systems in 2022. Axie Infinity, a P2E game, inspired the first, Ronin, a custom Ethereum sidechain.
The engineer went through many interviews before receiving a PDF with his "very lucrative" salary offer attached. Lazarus long had control of the private keys for 5 out of 9 of Ronin's validator nodes, allowing them to unilaterally approve any transaction they pleased.
None of the team's cyber tools or security procedures alerted them to the breach, and it wasn't until a user asked why they couldn't withdraw their Ether that the team realized there had been a problem. When the dust settled, Lazarus had stripped Ronin of 173,600 Ether and $25.5M USDC (for a grand score of $625M).
It took the United States Treasury Department two weeks to pin the blame on Kim Jong-un, Lazarus, and North Korea. A data analytics firm by the name of Elliptic was able to track down the whereabouts of 75 percent of Ronin's missing crypto by demonstrating that the hackers had immediately converted the stolen USDC into Ether to prevent the authorities from freezing it, and then laundered the Ether through currency mixers, again involving Tornado Cash.
For many who lost their jobs during the Covid-19 lockdowns, the game Axie—for which the Ronin sidechain was developed—provided a welcome source of money from the comfort of their own homes. People lost a lot of money, but the true tragedy is that the money will be used to fund a growing nuclear armament under the hands of a dictator who kills anyone who doesze off during a speech.
Each time Lazarus breaks into a new crypto platform, the first thing the victims want to know is, "Who's going to pay back the money I lost?" All too often, "nobody" is the simple and unsatisfactory response. There were several bankruptcies filed by businesses that had fallen for one of Lazarus' frauds because they were unable to repay their investors. Some people made the decision not to return their community, but they kept on and said they would do better next time. However, there is cause for optimism thanks to Axie. Attempting to compensate the victims, the company raised $150 million through Binance in April. This amount is certainly not enough to completely plug the problem, but it will help to alleviate the severe financial hardship that most people will face.
At long last, we reach Lazarus' most recent victim: Harmony, a California-based company that constructs bridges between various blockchains. Employees of Harmony wrote on their money blog that hackers had "compromised" their bridge through eleven transactions that drained all its cash (about $100 million), and that they were now collaborating with law authorities and the wider crypto community to recover the stolen monies. However, three days later, the anonymous hackers used Tornado Cash to launder $96M worth of the stolen crypto, making it highly unlikely that any of it will ever be recovered.
Kim's cybercrime empire has definitely been expanding, and in the weeks that followed, intelligence officials from a wide range of countries voiced grave worries about it. According to Anne Neuberger, President Biden's deputy national security advisor for cyber and new technologies, "they utilize cyber to obtain, we estimate, up to a third of [stolen crypto] monies to fund their missile development."
To Harmony's embarrassment, it was later revealed that the company had been told that its security wasn't up to par. A developer going under the Twitter name Ape Dev raised concerns by pointing out that hackers might empty the multi-sig wallet used by the Harmony bridge with just two stolen signatures. If two of the four multisig signers are hacked, we will witness another nine-figure hack," Ape tweeted. Naturally, what the ape predicted happened.
Is there any way to put a stop to it?
The libertarian wing maintains that any attempt to transfer authority to regulators is doomed to fail since no agency should be allowed to censor, prohibit, or regulate crypto transactions regardless of their legality. Whereas, governments and their regulators argue that legislation is the greatest method to limit Kim's cyberwarfare effort and that they should be empowered to freeze any user's cash if they suspect them of a crime.
Isn't it counterintuitive that the very goal of decentralized currency is to prevent central authority from deciding who can and cannot use crypto? Also, if authorities had the ability to seize illegal funds and eradicate currency mixers, we'd be in a stronger position to counter Lazarus and slow Kim's nuclear development. So, is it really worth it to have rules in place?
Because, despite its many flaws and limitations, North Korea remains one of the greatest threats to humankind. Each time a crypto platform suffers a hack, Kim's rocket scientists respond by developing a more potent nuclear weapon.
The crypto sector will need to come up with a money to recover the funds taken in the Lazarus attacks or to prevent platforms from being hacked in the first place (without the intervention of authorities) or else regulators will be forced to act. It may be argued that they already have, as Tornado Cash has been approved. If this trend continues and the crypto industry is severely regulated to the point that wallets and transactions require identification documents to function, then crypto will have only been a somewhat more efficient version of the financial systems we now have.
To safeguard investors and stop Lazarus from taking any more money, the crypto industry requires a deliberate, worldwide, and collaborative effort to build tools and methods that can achieve what authorities claim only legislation can. Without these resources, regulators would likely use Kim as a reason to introduce KYC checks and other forms of regulation across the board in the crypto industry. Like Tornado Cash, any platforms that don't comply risk being banned or subject to punishment.
After Edward Snowden revealed the National Security Agency's (NSA) illegal mass surveillance practices, the United States government defended them on the grounds that they were necessary to keep citizens from terrorist attacks.
No financial advice is offered or implied in this article.