North Korean Hackers Steal $3 Billion in Cryptocurrency Since 2017
In a recent report by Recorded Future’s Insikt Group, it has been revealed that North Korean hackers have managed to steal a staggering $3 billion in cryptocurrency since 2017. This highlights the regime’s long-standing involvement in the cryptocurrency sector, transitioning from targeting financial institutions through the SWIFT network to a more comprehensive strategy during the cryptocurrency boom of 2017. Initially focused on South Korea, these attacks have now expanded globally.
In 2022 alone, North Korean threat actors are accused of pilfering a significant $1.7 billion in cryptocurrency. This amount represents 5% of the country’s recorded economy or a substantial 45% of its military budget, showcasing the severe economic impact of these cyber operations.
The illicit funds obtained through these activities undergo typical laundering processes used by conventional cybercriminal groups. This illicit revenue is crucial for the regime, providing financial resources despite facing international sanctions.
Supported by the state, North Korean threat actors engage in operations similar to those of other cybercriminal groups but on a larger scale, responsible for 44% of the stolen cryptocurrency in 2022. Their targets range from cryptocurrency exchanges to individual users, venture capital firms, and alternative technologies.
The stolen cryptocurrency is often converted into fiat currency, with North Korean threat actors employing various tactics, including the use of stolen identities and manipulated photos to evade anti-money laundering measures.
Recorded Future’s research suggests that the regime views cryptocurrency theft as a major revenue source, primarily funding military and weapons programs. While the exact allocation for ballistic missile launches remains unclear, there is a noticeable correlation between the increase in stolen cryptocurrency and the rise in missile launches.
The report emphasizes the necessity for stronger regulations, enhanced cybersecurity measures, and increased investments in cybersecurity for cryptocurrency firms.
“Without stronger regulations, cybersecurity measures, and investments in cybersecurity for cryptocurrency firms, North Korea is likely to continue targeting the industry for additional revenue,” Recorded Future stated.
“Despite restrictions on movement and isolation of the general population, the regime’s elite and highly trained computer science professionals with privileged access to technology play a crucial role in conducting cyber-attacks against the cryptocurrency industry.”
This ongoing threat highlights the importance of robust cybersecurity measures in the cryptocurrency sector to safeguard against malicious actors like North Korean hackers.