August 18, 2023 at 13:02 GMTModified date: August 18, 2023 at 13:03 GMT
August 18, 2023 at 13:02 GMT

North Korea hackers have stolen $2bn in crypto since 2018

In the past five years, North Korean hackers have stolen over $2billion in crypto in over 30 attacks, according to the latest from blockchain intelligence firm TRM Labs.

Hacking. Pic: Unsplash

In the past five years, hackers in North Korea have stolen more than $2billion in crypto in over 30 attacks, according to the latest from blockchain intelligence firm TRM Labs.

While some reports say that the amount of crypto stolen by North Korea since 2018 is as high as $3bn, TRM research shows that this figure mistakingly includes hacks attributed to North Korea.

According to TRM, North Korea has stolen around $200m of crypto in 2023, which adds up to 20% of all stolen funds so far this year.

They also state that North Korean cyberattacks in 2023 are “10 times larger than attacks by other actors”.

TRM Labs notes that the North Korean hacks appear to be “opportunistic – reflected by an array of target and exploit types that have resulted in unprecedented gains”.

Their research adds: “In recent years, North Korea has almost exclusively targeted the DeFi ecosystem. Cross-chain bridges, which hold increasing volume, are a continued target. In 2022, North Korea stole over USD 800 million in three attacks against cross-chain bridges.

“North Korea exploits vulnerabilities in the crypto ecosystem in a variety of ways including through phishing and supply chain attacks, and through infrastructure hacks which involve private key or seed phrase compromises. These types of attacks are often enabled by conventional cyber operations and allow the attackers to seize and transfer the cryptocurrency to wallets they control.

“According to the FBI, North Korea conducted the largest cryptocurrency hack on record, stealing USD 625 million from Ronin Bridge in March 2022 using stolen private keys.

“While North Korea’s targets and techniques have evolved over time, so has their on-chain laundering methodologies. North Korea’s early exploits – which tend to involve the direct use of cryptocurrency exchanges – now feature highly complex, multi-stage money laundering processes in response to more aggressive OFAC sanctions, law enforcement focus, and improved tracing capabilities. A 2023 hack by North Koreans on Atomic Wallet exemplifies this evolution.”

They also state: “As North Korea continues to attack the growing crypto ecosystem, the ability to follow stolen funds is more critical than ever, and, as North Korea’s laundering methodologies evolve so must the tools investigators rely on.”