North Korean Hackers Exceed $1 Billion in Cryptocurrency Theft in 2023
Experts report that, although the overall amount of funds stolen from cryptocurrency platforms decreased significantly in 2023, the threat of hacking remains high, especially with the rise in cyber heists conducted by North Korea-linked groups. These groups, including the notorious Lazarus group, have adopted increasingly sophisticated tactics to steal large sums of crypto assets.
In 2022, groups associated with the Democratic People’s Republic of Korea (DPRK) stole $1.7 billion, marking a record high in cryptocurrency theft. In 2023, the total stolen amount declined, reaching just above $1.0 billion. Despite this decrease, the number of breaches increased to 20, the highest ever recorded, highlighting an ongoing and evolving threat.
A detailed analysis by Chainalysis provides insights into the distribution of these thefts, revealing that North Korea-linked hackers primarily targeted decentralized finance (DeFi) platforms, from which they stole approximately $428.8 million in 2023. Centralized services, exchanges, and wallet providers also fell victim to these hackers, suffering losses of over $150 million, $330.9 million, and $127.0 million, respectively.
The modus operandi of DPRK-linked hackers involves infiltrating digital wallets by compromising private keys or seed phrases, striking at the core of digital asset security. Once the breach occurs, the stolen assets are funneled into DPRK-controlled wallet addresses, often converted to USDT or Tron, and then laundered into hard currency through high-volume over-the-counter (OTC) brokers.
In response to increasing international law enforcement pressure and sanctions targeting their preferred currency mixing services, such as Tornado Cash and ChipMixer, these hackers have adapted by shifting their focus to alternative mixers like the BTC service Sinbad. Despite subsequent sanctions on Sinbad, they continue to explore new and more elusive laundering techniques.
The past two years have demonstrated the urgent need for continuous advancements in cybersecurity, as North Korean hackers and similar groups have gained access to billions of dollars in crypto assets. The crypto community has responded by implementing enhanced security measures and improving tracking and recovery efforts for stolen funds. Entering 2024, there is cautious optimism that these efforts will help mitigate the impact of the world’s most formidable crypto thieves and make for a safer environment for digital asset holders.