North Korean hackers launched at least seven attacks on cryptocurrency platforms last year to steal nearly $ 400 million in digital assets, according to a report from blockchain analytics firm Chainalysis.
“From 2020 to 2021, the number of North Korea-related hacks increased from four to seven, and the value extracted from these hacks increased by 40%,” the report said.
The attacks mainly targeted investment firms and centralized exchanges.
The report said the hackers siphoned funds from organizations’ internet-connected “hot wallets” to DPRK-controlled addresses using complex tactics, including phishing lures, code exploits, malware and engineering. advanced social.
“Once North Korea obtained custody of the funds, it began a thorough laundering process to cover and collect,” the report said.
In 2021, Ethereum and Bitcoin represented 58% and 20% of funds respectively; 22% came from ERC-20 tokens or altcoins.
The report also states, citing the United Nations Security Council, North Korea used pirate money to support its weapons of mass destruction (WMD) and ballistic missile programs.
According to the analysis report, the Lazarus Group – a hacking group that is part of North Korea’s main intelligence agency, the Reconnaissance General Bureau – is suspected of carrying out the attacks. The Lazarus group has previously been accused of the cyberattack on Sony Pictures Entertainment and Want to cry.
More than 65% of funds stolen in North Korea have been laundered using mixers, software tools that aggregate and scramble digital assets from thousands of addresses.
North Korea also has unbleached crypto funds, worth an estimated $ 170 million, from 49 separate hacks spanning 2017 to 2021.
“It is not clear why hackers would still be sitting on these funds, but it could be that they are hoping that law enforcement interest in these cases will wane, so that they can cash in without being watched.” Whatever the reason, the length of time the DPRK is willing to hold on to these funds is illuminating, as it suggests a cautious plan, not a desperate and hasty plan, ”the report said.