Unmasking North Korea’s $2B Crypto Heist: Insights from TRM Labs and the Future of Blockchain Security


Blockchain analytics firm TRM Labs has revealed that North Korean hackers have siphoned more than $2 billion in cryptocurrencies within the past five years. This figure includes around $200 million in crypto thefts this year alone. TRM Labs found that North Korean incursions accounted for over 20% of all crypto thefts in this calendar year, describing their activities as tenfold that of other cyber-criminals. These figures come despite North Korea’s staunch denial of any cyberattack allegations.

A closer investigation revealed that the crypto attackers from the far eastern nation primarily targeted the increasingly valuable DeFi ecosystem, including cross-chain bridges. A cornucopia of methodologies backed their offensive ventures – from supply chain attacks and phishing to infrastructure hacks involving critical compromises of private keys or seed phrases. The attackers also exhibited a noteworthy focus on network infrastructures within foreign aerospace and defense companies.

The TRM Labs study also highlighted that, although cryptocurrency theft in 2023 dipped from the record figures of 2022, the North Korean focus on the crypto ecosystem persisted.

Looking at the stolen amounts, 2022 was a breakthrough year for high-scale hacks, recording in excess of $4 billion extracted predominantly through North Korean state-affiliated hacking collectives. A standout moment was the assault on the Ronin Network, which lost $625 million. US officials identified the party responsible as a North Korean group known as Lazarus, and an effort to recover these funds returned nearly $30 million.

In 2023, an attack on the popular non-custodial wallet provider Atomic Wallet was dubbed the most lucrative, with approximately $100 million worth of cryptocurrency stolen from more than 4,100 unique addresses. The methodology of the attack pointed to a probable phishing or supply chain attack.

The report divulged that the stolen cryptocurrencies were primarily spread across the ETH, TRON, BTC, XRP, DOGE, Stellar (XLM) and Litecoin blockchains. Interestingly, the drained funds were moved directly from victim wallets to centralized exchanges. Once identified, the ill-gotten gains underwent a series of elaborate laundering techniques, adding intricate layers to the cybercrime.

Source: Cryptonews
