North Korean hackers launched at least seven attacks on cryptocurrency platforms last year to steal almost $400 million worth of digital assets, according to a report by blockchain analysis firm Chainalysis.
“From 2020 to 2021, the number of North Korean-linked hacks jumped from four to seven, and the value extracted from these hacks grew by 40%,” the report said.
The attacks primarily targeted investment firms and centralized exchanges.
The report stated that the hackers siphoned the funds from the organizations’ internet-connected “hot wallets” into DPRK-controlled addresses by using complex tactics including phishing lures, code exploits, malware, and advanced social engineering.
“Once North Korea gained custody of the funds, they began a careful laundering process to cover up and cash out,” the report said.
In 2021, Ethereum and Bitcoin accounted for 58% and 20% of the funds, respectively; 22% came from ERC-20 tokens or altcoins.
The report also said, citing the United Nations Security Council, North Korea used the money by hacks to support its weapons of mass destruction (WMD) and ballistic missile-related programs.
As per the analysis report, the Lazarus Group — a hacking group that is part of North Korea’s primary intelligence agency, the Reconnaissance General Bureau — is suspected of carrying out the attacks. The Lazarus Group has previously been accused of the cyberattack on Sony Pictures Entertainment and WannaCry.
More than 65% of North Korea’s stolen funds were laundered through mixers — software tools that pool and scramble digital assets from thousands of addresses.
North Korea also owns unlaundered crypto funds, which are believed to be worth $170 million, from 49 separate hacks spanning from 2017 to 2021.
“It’s unclear why the hackers would still be sitting on these funds, but it could be that they are hoping law enforcement interest in the cases will die down, so they can cash out without being watched. Whatever the reason may be, the length of time that DPRK is willing to hold on to these funds is illuminating, because it suggests a careful plan, not a desperate and hasty one,” the report said.
You may enjoy reading,
- Musk Confirms Twitter 2.0 will Bring End-to-End Encryption to Direct Messages - 28 November 2022
- UK bans Chinese CCTV cameras at ‘sensitive’ government locations - 26 November 2022
- Chrome Update: Exploited Zero-Day Vulnerability fixed by Google, the 8th this year - 25 November 2022