North Korea is laundering the stolen funds and using them to fund the country’s weapons of mass destruction and ballistic missile programs.
North Korea launched at least seven attacks on cryptocurrency platforms stealing a whopping $550 million last year, marking one of its most successful years to date, a new report has revealed.
It describes the country as one “that supports cryptocurrency-enabled crime on a massive scale”.
Disturbingly, the revenue generated from these hacks goes to support North Korea’s weapons of mass destruction and ballistic missile programs, according to the UN Security Council.
Since 2018, some of the most successful hacks have included one on trading platform KuCoin and another on an unnamed cryptocurrency exchange, with each netting more than $350 million alone, the report from blockchain analysis firm Chainanalysis found.
As for more recent attacks, these primarily targeted investment firms and centralised exchanges by using phishing lures, code exploits, malware, and advanced social engineering to siphon funds out of wallets and into North Korean controlled assets.
“Once North Korea gained custody of the funds, they began a careful laundering process to cover up and cash out,” the report noted.
From 2020 to 2021, the value extracted from these hacks grew by 40 per cent, it added.
One included an attack on cryptocurrency Liquid.com, where the hackers managed to wipe out $130 million from accounts in August last year.
Many of the attacks carried out last year were likely performed by the Lazarus Group, which the report said is led by North Korea’s intelligence agency, and has been slapped with sanctions by the United States.
The group has been accused of being involved in a number of high profile attacks including the WannaCry ransomware attacks, a global hack that spread through around 230,000 users of Microsoft Windows where a bitcoin ransom was demanded costing organisations millions.
It is also alleged to be behind the hacking of international banks and customer accounts and the 2014 cyber-attacks on Sony Pictures Entertainment, which leaked a load of confidential data.
Three North Korean computer programmers working for the country’s intelligence service were charged by the United States last year over a hacking spree that netted $1.8 million in money and cryptocurrency from the likes of Hollywood movie studios to banks.
Interestingly, in the last year the majority of funds stolen from North Korean hackers didn’t come from the world’s most well known crypto, bitcoin, with it now accounting for less than one fourth of the fortune taken, the report found.
In 2021, only 20 per cent of the stolen funds were bitcoin, whereas 22 per cent were either ERC-20 tokens or altcoins, while for the first time ever, ether accounted for a majority of the funds stolen at 58 per cent.
Chainanalysis also uncovered $240 million in current balances — representing the stolen funds of 49 separate hacks spanning from 2017 to 2021 — that are controlled by North Korea but have yet to be laundered through services.
“This suggests that (North Korean)-linked hackers aren’t always quick to move stolen cryptocurrencies through the laundering process,” the report said.
“It’s unclear why the hackers would still be sitting on these funds, but it could be that they are hoping law enforcement interest in the cases will die down, so they can cash out without being watched.
“Whatever the reason may be, the length of time that (North Korea) is willing to hold on to these funds is illuminating, because it suggests a careful plan, not a desperate and hasty one.”
However, North Korea has denied allegations of hacking in previous statements.