North Korean hackers launched at the least seven assaults on cryptocurrency platforms final 12 months to steal virtually $400 million price of digital belongings, in line with a report by blockchain analysis firm Chainalysis.
“From 2020 to 2021, the variety of North Korean-linked hacks jumped from 4 to seven, and the worth extracted from these hacks grew by 40%,” the report mentioned.
The assaults primarily focused funding corporations and centralized exchanges.
The report acknowledged that the hackers siphoned the funds from the organizations’ internet-connected “sizzling wallets” into DPRK-controlled addresses by utilizing complicated techniques, together with phishing lures, code exploits, malware and superior social engineering.
“As soon as North Korea gained custody of the funds, they started a cautious laundering course of to cowl up and money out,” the report mentioned.
In 2021, Ethereum and Bitcoin accounted for 58% and 20% of the funds, respectively; 22% got here from ERC-20 tokens or altcoins.
The report additionally mentioned, citing the United Nations Security Council, North Korea used the cash by hacks to assist its weapons of mass destruction (WMD) and ballistic missile-related packages.
As per the evaluation report, the Lazarus Group — a hacking group that’s a part of North Korea’s major intelligence company, the Reconnaissance Normal Bureau — is suspected of finishing up the assaults. The Lazarus Group has beforehand been accused of the cyberattack on Sony Pictures Leisure and WannaCry.
Greater than 65% of North Korea’s stolen funds had been laundered by means of mixers — software program instruments that pool and scramble digital belongings from hundreds of addresses.
North Korea additionally owns unlaundered crypto funds, that are believed to be price $170 million, from 49 separate hacks spanning from 2017 to 2021.
“It’s unclear why the hackers would nonetheless be sitting on these funds, however it may very well be that they’re hoping legislation enforcement curiosity within the circumstances will die down, to allow them to money out with out being watched. Regardless of the purpose could also be, the size of time that DPRK is keen to carry on to those funds is illuminating, as a result of it suggests a cautious plan, not a determined and hasty one,” the report mentioned.