Back to the list

North Korean Hackers Stole $400M Worth Crypto in 2021


www.financemagnates.com 14 January 2022 06:56, UTC
Reading time: ~2 m

North Korean hackers launched at least seven attacks on cryptocurrency exchanges in 2021, stealing around $400 million worth of digital assets, blockchain analytics firm Chainalysis revealed in the latest report.

The value of stolen crypto assets by these hackers jumped by 40 percent in 2021 from the prior year.

Though the report did not name all the victims of these attacks, it did mention the Japanese crypto exchange Liquid.com, which lost $91 million to hackers. The report further stated that the attacks primarily targeted investment firms and centralized exchanges.

The hackers used several tactics like phishing lures, code exploits, malware, and advanced social engineering to gain access to the crypto exchanges.

“Once North Korea gained custody of the funds, they began a careful laundering process to cover up and cash out,” Chinalysis stated. “The growing variety of cryptocurrencies stolen has necessarily increased the complexity of DPRK’s cryptocurrency laundering operation.”

Laundering the Stolen Proceeds

The hackers usually swap the crypto tokens for Ether on decentralized exchanges (DEX) and then send them to mixers to hide their transactional history. Again, they swap the Ether for Bitcoin on DEX and send those Bitcoins to mixers before depositing them on Asia-based crypto exchanges for cashing out.

“More than 65% of DPRK’s stolen funds were laundered through mixers this year, up from 42% in 2020 and 21% in 2019, suggesting that these threat actors have taken a more cautious approach with each passing year,” the report added.

The analytics company further identified $170 million worth of stolen unlaundered cryptocurrency sitting ideal on North Korea-controlled wallets. These stolen cryptocurrencies were linked to 49 separate hacks spanning from 2017 to 2021.

“Whatever the reason may be, the length of time that DPRK is willing to hold on to these funds is illuminating, because it suggests a careful plan, not a desperate and hasty one,” added Chainalysis.

Meanwhile, the involvement of state-sponsored North Korean hackers attacking crypto exchanges was also pointed out by a United Nations panel earlier. The state was accused of using the stolen proceeds to fund its nuclear weapons program. North Korea, however, denied these allegations releasing a statement.

Back to the list