  • 2021 was the most successful year for crypto hackers in North Korea, as they stole $400M in cryptocurrencies.
  • The nation has been accused of using stolen funds to evade international sanctions.

 

Last year, about $400 million (£291M) worth of digital assets were drained from cryptocurrency platforms by hackers in North Korea – the highest ever recorded.

“From 2020 to 2021, the number of North Korean-linked hacks jumped from four to seven, and the value extracted from these hacks grew by 40%,” a Thursday report by blockchain analysis company Chainalysis reads, calling 2021 the “banner year” for North Korean crypto hackers.

Of note, the attacks were mainly centred on investment firms and centralized exchanges such as Liquid.com. The platform reported unauthorized access to its crypto wallets in August.

Hackers used various techniques, including phishing lures, code exploits, and malware. High-level social engineering was employed to move funds from organizations’ hot wallets into North Korea-controlled addresses. 

Most of these attacks were likely orchestrated by the so-called “Lazarus Group,” Chainalysis notes. The group is believed to be run by North Korea’s primary intelligence bureau – the Reconnaissance General Bureau. Previously, it has been accused of perpetrating the May 2016 worldwide ‘WannaCry’ ransomware attack. It has also been linked to the 2014 Sony Pictures cyberattack and other attacks on international banks. Based on these claims, the US Treasury sanctioned the group and two others in 2019.

North Korea harbouring Crypto Hackers

“Once North Korea gained custody of the funds, they began a careful laundering process to cover up and cash out,” the report noted.

Hackers made heavy use of mixers, or tumblers, to obfuscate their trail. Additionally, researchers noted that the country tends to hodl stolen funds: it holds $170M in unlaundered crypto from 49 separate attacks between 2017 and 2021. The perpetrators are probably hoping law enforcement interest dwindles in time for withdrawal, the report said.

“Whatever the reason may be, the length of time that (North Korea) is willing to hold on to these funds is illuminating, because it suggests a careful plan, not a desperate and hasty one.”

Meanwhile, Pyongyang, the country’s capital, has been using stolen funds to facilitate its nuclear and ballistic missile programs, a United Nations panel monitoring sanctions on North Korea has alleged. Per the panel, this is a tactic to circumvent international sanctions, just like the increased mining of Monero in 2019-20.


A few days ago, the Biden administration imposed fresh sanctions on North Korea following advancement in its missile programs. The country’s leader, Kim Jong-un, and its spokespersons have defended their actions as a righteous exercise of self-defence. The North has called the sanctions “isolating and stifling,” warning of stronger pushback should Washington continue its “confrontational stance.”

Hackers unbounded

Another report released late last year revealed that hackers in North Korea stole over $1.7 billion in cryptocurrencies from exchanges in the US, neighbouring South Korea, Indonesia, and others. And in February that year, the US charged three North Korean computer programmers for their involvement in a $1.3B+ years-long hacking spree. Victims of the attack included banks and Hollywood movie studios, among others, according to the Justice Department.

North Korea continues to deny any involvement whatsoever in these hacks.