
Report: In 2021 North Korea Hacked Nearly $400M in Crypto

Published by
RiSec.n0tst3

North Korean hackers launched at least seven attacks on cryptocurrency platforms last year to steal almost $400 million worth of digital assets, according to a report by blockchain analysis firm Chainalysis. 

“From 2020 to 2021, the number of North Korean-linked hacks jumped from four to seven, and the value extracted from these hacks grew by 40%,” the report said.  

The attacks primarily targeted investment firms and centralized exchanges. 

The report stated that the hackers siphoned the funds from the organizations’ internet-connected “hot wallets” into DPRK-controlled addresses by using complex tactics including phishing lures, code exploits, malware, and advanced social engineering.

“Once North Korea gained custody of the funds, they began a careful laundering process to cover up and cash out,” the report said.  

In 2021, Ethereum and Bitcoin accounted for 58% and 20% of the funds, respectively; 22% came from ERC-20 tokens or altcoins. 

Citing the United Nations Security Council, the report also said that North Korea used the money obtained through hacks to support its weapons of mass destruction (WMD) and ballistic missile-related programs.

According to the report, the Lazarus Group (a hacking group that is part of North Korea’s primary intelligence agency, the Reconnaissance General Bureau) is suspected of carrying out the attacks. The Lazarus Group has previously been accused of the cyberattack on Sony Pictures Entertainment and of WannaCry.

More than 65% of North Korea’s stolen funds were laundered through mixers — software tools that pool and scramble digital assets from thousands of addresses. 

North Korea also owns unlaundered crypto funds, which are believed to be worth $170 million, from 49 separate hacks spanning from 2017 to 2021. 

“It’s unclear why the hackers would still be sitting on these funds, but it could be that they are hoping law enforcement interest in the cases will die down, so they can cash out without being watched. Whatever the reason may be, the length of time that DPRK is willing to hold on to these funds is illuminating, because it suggests a careful plan, not a desperate and hasty one,” the report said. 


This post was last modified on 14 January 2022 1:08 PM
