A new report from blockchain analysis firm Chainalysis suggests that in the year 2021, North Korea stole as much as $400 million worth of cryptocurrency. As many as seven separate attacks were launched as a means of gaining access to the money.
North Korea Is Rich from Stealing Crypto
Among the methods used to engage in thievery were “phishing lures, code exploits, malware, and advanced social engineering to siphon funds” out of organizations’ hot wallets and addresses, according to the document. Chainalysis also states:
Once North Korea gained custody of the funds, they began a careful laundering process to cover up and cash out.
2021 was clearly a profitable year for the hackers considering they stole about 40 percent more funds than they did in 2020. In addition, there were only four attacks in the earlier year, whereas the later one saw an additional three taking place, meaning North Korea is becoming bolder and effective means of stopping actors with malintent have not been set in motion.
In the report, Chainalysis writes:
In terms of dollar value, bitcoin now accounts for less than one-fourth of the cryptocurrencies stolen by the DPRK. In 2021, only 20 percent of the stolen funds were bitcoin, whereas 22 percent were either ERC-20 tokens or altcoins, and for the first time ever, ether accounted for most of the funds stolen at 58 percent.
The organization claims that most of the attacks were likely carried out by an organization known as the Lazarus Group, a hacking party that is allegedly funded by the country’s government. Lazarus has been on the U.S.’s radar for several years and is wanted in connection with several past malware attacks including the WannaCry ransomware incident that occurred in 2017.
From 2018 on, the group has stolen and laundered massive sums of virtual currencies every year, typically in excess of $200 million.
Among the most successful attacks to occur last year was one on the crypto exchange Ku Coin and another unnamed trading platform. Both attacks resulted in more than $250 million in crypto funds being stolen. In addition, data stemming from the United Nations suggests that the money has gone towards funding the ballistics missile program that North Korea is working to implement.
Sitting and Biding Time
Lastly, North Korea allegedly has as much as $170 million in stolen crypto funds that it hasn’t bothered to launder or hide just yet. The money was taken between 2017 and 2021. At press time, it’s unclear why the nation is simply sitting on the money. Chainalysis says:
This suggests that DPRK-linked hackers aren’t always quick to move stolen cryptocurrencies through the laundering process. Whatever the reason may be, the length of time that DPRK is willing to hold on to these funds is illuminating because it suggests a careful plan, not a desperate and hasty one.