North Korean Hackers Stole $400 Million in Cryptocurrency Carefully Last Year
North Korean hackers stole about $400 million in cryptocurrencies last year in at least seven assaults on cryptocurrency trading sites.
“From 2020 to 2021, the number of North Korean-related attacks increased from four to seven, while the value retrieved via these breaches increased by 40%,” according to a recent research from blockchain intelligence company Chainalysis. “Once North Korea seized control of the monies, they immediately initiated a meticulous laundering operation to conceal and pay out.”
While Chainalysis could not name all of the hackers’ targets, the study noted that the majority were financial companies and centralised exchanges. In August of last year, one such exchange, Liquid.com, reported unlawful access to many wallets it maintained.
According to the study, the hackers utilised a number of techniques to transfer payments from the wallets of these organisations to North Korean-controlled accounts. These approaches included phishing lures, code exploits, malware, and sophisticated social engineering. Additionally, the research highlighted how North Korea escalated its use of’mixers’ to launder stolen bitcoin dramatically.
Many of these assaults seem to have been carried out by the Lazarus Group, which the US alleges is overseen by North Korea’s Reconnaissance General Bureau, the country’s premier intelligence agency. The gang has previously been implicated in the “Wanna Cry” ransomware attacks and the 2014 hacks on Sony Pictures.
The US accused three North Korean programmers last year with a vast, years-long cyber scheme aimed at stealing $1.3 billion in cash and cryptocurrency. Meanwhile, South Korean media reports claimed late last year that North Korea had hacked cryptocurrency exchanges worth 2 trillion won ($1.7 billion). Additionally, the investigations highlighted that the hackers seemed to be retaining the assets rather than immediately selling them for cash.
Chainalysis, for its part, discovered $170 million in unlaundered bitcoin assets from 49 separate attacks between 2017 and 2021. While the study did not speculate on the hackers’ ultimate motivations, it said that they exhibited purposeful deliberation. “Whatever the reason, the amount of time that (North Korea) is ready to retain these cash is instructive, since it indicates a deliberate strategy, not a hurried one,” Chainalysis said.