The use of cloud mining to launder stolen funds is a new tactic for this group, as they have previously used other methods such as mixing services and peertopeer marketplaces.
Mandiants report suggests that this new tactic may be a response to increased scrutiny and regulation of cryptocurrency exchanges, making it more difficult for the group to cash out their stolen funds.
Mandiants research suggests that APT43 has been using this method to mine cryptocurrency and transfer the funds to their own wallets, effectively laundering the stolen funds.
Joe Dobson, a Mandiant threat intelligence analyst, explains, This is like a bank robber stealing silver from a bank vault and then going to a gold miner and paying the miner in stolen silver.
The use of cryptocurrency allows North Korea to bypass traditional banking systems and sanctions, making it an attractive target for statesponsored cyber attacks.
The report serves as a reminder of the ongoing threat posed by statesponsored hacking groups, particularly those with the backing of hostile governments.