North Korean hackers stole a record-breaking quantity of cryptocurrency final yr

Hackers from North Korea stole almost $400 million price of cryptocurrency in 2021 via a minimum of seven assaults and most of it was Ether or ETH quite than Bitcoin, in accordance with blockchain evaluation agency, Cainalysis. 

2021 was a document yr for North Korea’s navy hackers, essentially the most infamous of which is Lazarus, the group behind the damaging wiper assault on Sony Footage Leisure in 2014, WannaCry ransomware in 2017, a number of banks by way of the SWIFT banking system, and quite a few cryptocurrency exchanges. 

Also referred to as APT 38, the group has centered in on cryptocurrency theft as a major car for elevating income for the nation and evading US and UN financial sanctions. A UN Panel of specialists in 2018 concluded that its cryptocurrency hacks contribute to North Korea’s ballistic missile packages.

SEE: Scallops, vaccines and Tesla: The wild world of blockchain and cryptocurrency

The group employs frequent techniques utilized by different nation-state hacking teams and cybercriminals, together with social engineering, phishing and software program exploits. 

“From 2020 to 2021, the variety of North Korean-linked hacks jumped from 4 to seven, and the worth extracted from these hacks grew by 40%,” Chainalysis mentioned in its report. 

Assaults from North Korean hackers in 2021 largely focused funding companies and centralized cryptocurrency exchanges, in accordance with Chainalysis. The teams used social engineering to maneuver funds from targets’ wallets to addresses managed by North Korean accounts. The funds have been then laundered and cashed out.  

Final yr, 68% of the funds that North Korean hackers stole have been Ether, which changed Bitcoin as the first cryptocurrency. Bitcoin, nonetheless, nonetheless performs a key function in laundering stolen Ether by way of decentralized exchanges earlier than being blended into new wallets after which cashed out. 

Cryptocurrency mixer or ‘tumbler’ software program breaks down a consumer’s funds into small sums and blends it with different transactions in micro-transactions earlier than sending an equal worth to a brand new handle. The US filed its first cash laundering fees towards a US Bitcoin mixing service in 2020.   

“DPRK is a scientific cash launderer, and their use of a number of mixers … is a calculated try and obscure the origins of their ill-gotten cryptocurrencies whereas offramping into fiat,” the report notes.

North Korea additionally has about $170 million in cryptocurrency holdings from 49 assaults which have but to be laundered via mixers. Of that, $55 million got here from assaults carried out in 2016 whereas $35 million got here from assaults in 2020 and 2021. 

Chainalysis notes that $97 million stolen from cryptocurrency wallets managed by Japanese cryptocurrency change in August was moved to addresses managed by a celebration engaged on behalf of DPRK, leading to $91.35 million being laundered.

North Korea’s hacks on cryptocurrency exchanges are effectively doc by the US Cybersecurity and Infrastructure Safety Company (CISA). The US authorities’s umbrella time period for the nation’s hacking is HIDDEN COBRA. 

A February 2021 report from CISA particulars the work of North Korean hackers in reference to the AppleJesus malware that focused Home windows and Mac methods worldwide by posing as a respectable cryptocurrency buying and selling platform. 

Related posts