North Korean Cyber-Criminals Steal $400m in Cryptocurrency in 2021
In a recent report by blockchain analysis firm Chainalysis, it was revealed that North Korean cyber-criminals managed to steal nearly $400 million worth of cryptocurrency in 2021. This staggering amount was obtained through seven attacks on various cryptocurrency platforms, with a primary focus on investment firms and centralized exchanges. The increase in successful hacks from four in 2020 to seven in 2021 represents a 40% rise in stolen funds.
Techniques Used in the Attacks
The hackers employed a variety of techniques to extract the funds from their victims’ “hot” wallets into addresses controlled by the Democratic People’s Republic of Korea (DPRK). These methods included phishing lures, code exploits, malware, and advanced social engineering tactics. Once in possession of the stolen funds, North Korea initiated a meticulous laundering process to conceal and cash out the cryptocurrency.
The Role of Lazarus Group
It is believed that many of these cyber-attacks were orchestrated by the infamous Lazarus Group (APT 38), a hacking group associated with North Korea’s Reconnaissance General Bureau. While Lazarus has been linked to high-profile attacks like Wannacry, their focus in recent years has shifted towards cryptocurrency crimes, proving to be highly profitable for the rogue state.
Previous Crypto Heists and Laundering
North Korean hackers have been implicated in several major cryptocurrency heists over the years, with a report from Venafi indicating that cybercrime is now the primary source of funding for the authoritarian regime. Interestingly, Chainalysis found that while Bitcoin accounted for only 20% of the stolen funds in 2021, Ether made up the majority at 58%, with ERC-20 tokens or altcoins comprising 22%.
Unlaundered Stolen Cryptocurrency
Chainalysis also uncovered $170 million worth of stolen cryptocurrency controlled by North Korea that has yet to be laundered. These funds are the result of separate hacks dating back to 2017. The security awareness advocate at KnowBe4, Erich Kron, emphasized the attractiveness of targeting cryptocurrency due to its decentralized nature and irreversible transactions, making it a prime target for nation-states looking to circumvent financial restrictions.