Threat actors have been targeting cryptocurrency platforms, resulting in the theft of $2.2bn in 2024. According to Chainalysis, a blockchain analytics company, the majority of these illicit funds (61%) were attributed to North Korean hackers. This marks the fifth year in the past decade that hackers have managed to steal over $1bn from crypto firms.
In 2024, there was a 21% year-on-year increase in stolen funds, with the number of individual incidents also rising from 282 in 2023 to 303 in 2024. However, the intensity of attacks seemed to decrease in the second half of the year, which could be due to geopolitical reasons. The cumulative value stolen between January and July 2024 amounted to $1.58bn, an 84% increase compared to the same period in 2023. If this trend had continued in the second half of the year, losses could have exceeded $3bn.
Chainalysis suggested that the decline in attacks could be linked to a meeting between Vladimir Putin and Kim Jong-un in June. It is believed that a deal was made to release North Korean assets previously frozen in compliance with UN Security Council sanctions, as well as potentially advanced missile and submarine technology. Following the summit, the value of funds stolen by North Korean hackers dropped by 54%.
Despite this decrease, North Korean attacks are becoming more frequent. The report highlighted that attacks involving $50-100m and those above $100m were more common in 2024 compared to 2023, indicating that North Korea is improving its capabilities in conducting large-scale exploits.
However, there has also been an increase in smaller hacks yielding around $10,000 in value. Chainalysis warned that North Korean IT workers are increasingly infiltrating crypto and Web3 companies, compromising their networks using sophisticated tactics.
To strengthen defenses against such attacks, Chainalysis recommended that companies rigorously vet prospective employees and enhance private key hygiene. Additionally, data-sharing initiatives, advanced tracing tools, and targeted training can help crypto firms identify and neutralize threats more effectively.
As regulatory frameworks around cryptocurrencies evolve, there will likely be increased scrutiny on platform security and customer asset protection. By adopting industry best practices and fostering stronger partnerships with law enforcement, the crypto industry can enhance its defenses against theft and ensure accountability.