According to a recent report by blockchain intelligence firm TRM Labs, North Korean hackers pose a significant threat to the cryptocurrency ecosystem. Over the past five years, they have stolen an estimated $2 billion worth of crypto.
In 2023, it is estimated that North Korea stole approximately $200 million in cryptocurrency, representing 20% of all funds stolen that year.
TRM Keeps a Close Watch on North Korean Hackers Activities
TRM Labs’ deep dive into the world of cryptocurrency-related hacking sheds light on the activities of these North Korean cybercriminals. Their continued exploits serve as a reminder of the need for increased security measures within the cryptocurrency industry.
According to estimates, cyberattacks by North Korean hackers are 10 times larger than those by other malicious actors. These hackers have also targeted the decentralized finance (DeFi) ecosystem, exploiting cross-chain bridges that handle a significant volume of cryptocurrency transfers.
The scale and sophistication of these attacks highlight the need for increased security measures to protect against such threats. In 2022 alone, North Korean hackers were responsible for stealing around $800 million in three separate attacks, including the Axie Infinity Ronin Bridge hack, which resulted in $650 million of crypto being stolen.
These cyberattacks were carried out using various methods, including phishing and supply chain attacks that involved compromised private keys and seed phrases. According to TRM Labs, North Korean hackers have become increasingly sophisticated in their on-chain laundering methods.
Instead of using cryptocurrency exchanges to cash out stolen funds, they now employ complex multi-stage money laundering processes. These developments highlight the need for increased vigilance and security measures to protect against such threats.
In response to aggressive sanctions by the Office of Foreign Assets Control, law enforcement operations, and the development of improved blockchain tracing tools, hackers have evolved their methods.
TRM Labs has provided an in-depth analysis of the 2023 Atomic Wallet hack carried out by North Korean hackers as an example of the sophisticated obfuscation methods now being employed by hackers from the sanctioned state.