North Korean crypto hacks down 80% but that could change overnight: Chainalysis
Cryptocurrency stolen by North Korea-linked hackers is down a whopping 80% from 2022 — but a blockchain forensics firm says it isn’t necessarily a sign of progress.
As of Sept. 14, 2023, North Korea-linked hackers have stolen a total of $340.4 million worth of cryptocurrency, down from a record $1.65 billion reported funds stolen in 2022.
Cryptocurrency funds stolen by North Korean-backed groups between 2016-2023. Source: Chainalysis
“The fact that this year’s numbers are down is not necessarily an indicator of improved security or reduced criminal activity,” Chainalysis said in a Sept. 14 report. “We must remember that 2022 set a dismally high benchmark.”
“In reality, we are only one large hack away from crossing the billion-dollar threshold of stolen funds for 2023.”
Over the past 10 days, North Korea’s Lazarus Group has been linked to two separate hacks — Stake ($40 million) on Sept. 4 and CoinEx ($55 million) on Sept. 12, combining for a loss of over $95 million.
With the latest two hacks, North Korea-linked attacks have made up for about 30% of all crypto funds stolen in hacks this year, noted Chainalysis.
Funds stolen from North Korean hacking groups vs others between 2016 and 2023. Source: Chainalysis
North Korea turns to dubious exchanges, mixers
Meanwhile, Chainalysis has found that North Korean hackers have become increasingly reliant on certain Russian-based exchanges to launder illicit funds over the last few years.
The firm said North Korea has been using various Russian-based exchanges since 2021. One of the largest laundering events involved $21.9 million in funds transferred from Harmony’s $100 million bridge hack on June 24, 2022.
United States-sanctioned cryptocurrency mixers Tornado Cash and Blender have also been used by Lazarus Group in the Harmony Bridge hack and other high-profile hacks committed by the group.
We’ve observed instances of DPRK-linked hackers sending funds to Russian services since 2021. But this year’s transfer of $21.9M stolen from Harmony to a high-risk Russian exchange is an escalation of that activity. You can see examples of some of those transactions below. pic.twitter.com/S9cDxlk9Hu
— Chainalysis (@chainalysis) September 14, 2023
The United Nations is making an effort to curtail North Korea’s cybercrime tactics at the international level — as it is understood North Korea is using the stolen funds to support its nuclear missile program.
Meanwhile, the firm hopes increased smart contract audits will make life tougher for these hackers.