North Korean hackers have reportedly seized approximately $3 billion in cryptocurrency since 2017, with over half of that amount taken in the past year alone, according to a report by United States cybersecurity firm Recorded Future. The findings reveal that this staggering sum represents roughly half of North Korea’s entire military expenses for the year. In 2022, the North Korean threat actors were accused of pilfering an estimated $1.7 billion worth of cryptocurrency, equivalent to around 5% of North Korea’s economy or 45% of its military budget.
North Korean hackers shift targets
This surge in cryptocurrency theft surpasses North Korea’s total annual income from exports by a significant margin. The illicitly obtained funds are almost ten times greater than the value of the nation’s exports in 2021, which stood at $182 million. Recorded Future’s report highlights the notable shift in North Korean cyber operations, with initial targeting focused on the South Korean cryptocurrency market before expanding globally. The report underscores the crucial role of state backing in facilitating the scale of North Korean cyber operations.
This support enables threat actors from North Korea to exceed the capabilities of traditional cybercriminals. Notably, the North Korean government’s involvement has led to a substantial expansion in the scope and impact of these illicit activities. In recent developments, the U.S. Treasury’s Office of Foreign Assets Control imposed sanctions on the cryptocurrency mixer Sinbad. The move came with allegations that the platform facilitated money laundering for the North Korea-based Lazarus Group.
The report also emphasizes the increasing sophistication of cyber-attacks in 2022, making it more challenging to trace stolen funds. According to the United Nations report, these cyber attacks exhibited a higher level of sophistication compared to previous years, posing significant challenges in tracking illicitly acquired funds. Blockchain analytics firm Chainalysis labeled the North Korean-linked cybercriminal syndicates as the most prolific cryptocurrency hackers in recent years.
Escalation and global reach of cyber operations
Additionally, Chainalysis highlighted the noteworthy observation that these hackers were utilizing crypto mixers such as Tornado Cash and Sinbad at a significantly higher rate compared to other criminal groups. This trend adds another layer of complexity to efforts aimed at monitoring and preventing the flow of illicitly acquired cryptocurrency. The global impact of North Korean cyber operations is evident in the substantial amounts stolen and the far-reaching consequences for both individual victims and the broader cryptocurrency ecosystem.
The scale of these illicit activities poses a considerable challenge for authorities and organizations attempting to curb cybercrime and protect the integrity of digital financial systems. As the prevalence of cryptocurrency-related crimes continues to rise, it underscores the importance of international cooperation and the development of robust cybersecurity measures. Efforts to combat these threats require collaboration between governments, cybersecurity firms, and financial institutions.
Moreover, enhancing public awareness about potential risks and implementing effective regulatory frameworks are crucial components of a comprehensive strategy to mitigate the impact of cybercrime in the realm of cryptocurrency. The reported $3 billion in cryptocurrency theft by North Korean hackers since 2017 highlights the evolving landscape of cyber threats and the increasing sophistication of malicious actors. The substantial sums involved, coupled with the challenges in tracing stolen funds, underscore the need for a concerted global effort to address cybersecurity concerns in the cryptocurrency space.