North Korea Audacious Crypto Heist Surpasses $600 Million in 2023
Threat actors linked to the Democratic People’s Republic of Korea (DPRK), commonly known as North Korea, successfully looted over $600 million in cryptocurrency in 2023.
Despite a 30% decrease from the previous year’s $850 million, the DPRK accounted for nearly one-third of the total funds pilfered in crypto attacks, as reported by blockchain analytics firm TRM Labs.
Attacks By North Korea are Destructive
Furthermore, cyber intrusions orchestrated by the DPRK were on average ten times more destructive compared to those not associated with North Korea. There are indications that additional breaches in the crypto sector toward the end of 2023 could elevate the total to approximately $700 million.
North Korean state-sponsored actors, who have amassed approximately $3 billion in stolen funds since 2017, recurrently employ this targeting strategy against cryptocurrency companies. These financially motivated attacks serve as a vital revenue stream for the nation, facing sanctions to finance its weapons of mass destruction (WMD) and ballistic missile programs.
The operation involves leveraging social engineering tactics to entice targets, with a primary focus on compromising private keys and seed phrases.
Exploiting these compromised credentials, threat actors gain unauthorized access to victims’ assets and subsequently transfer them to wallets under their control. To conceal their tracks, they often convert stolen assets into USDT or Tron, later transforming them into hard currency using high-volume over-the-counter (OTC) brokers.
Despite the U.S. Treasury Department sanctioning a crypto mixer service called Sinbad, which processed a significant portion of the DPRK’s proceeds, TRM Labs underscored the hackers’ continuous adaptation and exploration of alternative money laundering tools.
With a staggering $1.5 billion stolen in just the past two years, North Korea’s hacking capabilities demand ongoing vigilance and innovation from both businesses and governments.
The Attack on Atomic Wallet
Elliptic, a blockchain intelligence company, identified Lazarus as the perpetrator behind the Atomic Wallet attack.
This revelation comes in the wake of an announcement made by the non-custodial cryptocurrency wallet on Saturday, disclosing a cyberattack.