U.S. intelligence: North Korea has a record crypto hacking activity, earning $1 billion last year
In 2023, hackers linked to the northern part of the peninsula attacked a record number of international crypto platforms, Chainanalysis said in its latest report on Wednesday (January 24).
According to the blockchain analytics firm's report, data collected from 2016 to 2023 shows that northern hackers attacked 20 cryptographic platforms last year, the highest level on record for the same period.
Last year, hackers linked to the North stole just over $1 billion (7.2 billion yuan) worth of crypto assets, down from the record $1.7 billion (7.2 billion yuan) they stole in 2022.
"Hacking activity linked to the North has been on the rise over the past few years, with cyber espionage groups such as kimsuky and the Lazarus Group using a variety of malicious tactics to obtain large amounts of crypto assets," Chainanalysis said on Wednesday. ”
Another report by blockchain intelligence firm TRM Labs said hackers linked to the North stole at least $600 million in passwords in 2023.
Statistics from international professional organizations on the acquisition of overseas funds by North Korean hackers
In September last year, the Federal Bureau of Investigation (FBI) confirmed that North Korea's Lazarus Group was responsible for the theft of about $41 million in crypto assets from online casinos and gambling platforms.
On November 29 last year, the U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) sanctioned the virtual currency mixer Sinbad.io, which is a key money laundering tool for the Lazarus Group. A password mixer is a service that mixes passwords from different sources, making transactions more difficult to trace.
OFAC said Sinbad.io was responsible for assisting the Lazarus Group in money laundering, stealing millions of dollars in crypto products from companies such as Horizon Bridge and Axie Infinity hacks.
Previous research has shown that hackers linked to the North stole hundreds of millions of passwords to fund the regime's nuclear weapons program.
Since North Korea conducted its first nuclear test in 2006, the country has been repeatedly sanctioned by the United Nations in an effort to limit access to the sources of funding it needs to support its nuclear activities.
TRM Labs said in its Jan. 5 report that nearly $1.5 billion in stolen funds have been brought in the North in the past two years alone, and that the North's hacking capabilities require continued vigilance and innovation among international internet companies and governments.
While digital currencies or other digital financial exchanges have made significant progress in cybersecurity and increased international cooperation in tracking and recovering stolen funds, 2024 is likely to see further disruption by the world's most rampant cyber thieves, the report said.
Screenshot of CNBC's related report