North Korean hackers stole $3 billion in cryptocurrency

Since January 2017, over the past six years, North Korea-sponsored state-levelhackerthrough a series ofcryptocurrencyCarefully designed for the industryhackerThe attack resulted in the theft of an estimated $3 billion worth of funds.

North Koreahacker group, including Kimsuky, Lazarus Group and Andariel, are always behind the scenes planning attacks aimed at damaging the cryptocurrency system. Their operations are similar to traditional cybercriminal gangs, but their scale is much larger than these gangs. According to a report from Recorded Future’s Insikt Group, 44% of the cryptocurrencies stolen throughout last year were generated by theseNorth Korean hackersAttacks orchestrated by the organization.

The main targets of these hacking groups are cryptocurrency exchanges, but they have also launched attacks against individual users and venture capital firms.

The North Korean regime relies heavily on cryptocurrency theft as one of its main sources of revenue, especially to fund its military and weapons development programs. Although there is no firm data on the relationship between stolen cryptocurrencies and funds reserved for missile launches, this relationship has become particularly evident in recent years as the number of stolen cryptocurrencies and missile launches has increased simultaneously.

Analysts at Recorded Future noted: “Since 2017, North Korea has significantly increased its focus on the cryptocurrency industry and is estimated to have stolen up to $3 billion worth of cryptocurrency.”

They explained: “North Korea initially successfully stole funds from financial institutions by hijacking the SWIFT network, but turned its focus to cryptocurrencies during the 2017 cryptocurrency boom, starting with the South Korean market and gradually expanding globally.”

“In 2022 alone, North Korea’scyber threatsThe act is accused of stealing $1.7 billion in cryptocurrency, which is equivalent to 5% of the country’s economy or 45% of the military budget. "

A recent confidential United Nations report noted that North Korean state-level hackers have committed cryptocurrency theft on an unprecedented scale, stealing between $630 million and more than $1 billion worth of cryptocurrency in 2022 alone, making Pyongyang’s cyber theft The illegal profits obtained from the operation have doubled compared with before.

In 2017, South Korea's cryptocurrency exchanges Bithumb, Youbit and Yapizon were hacked. Since then, North Korea's cryptocurrency attacks have begun to increase dramatically, stealing approximately $82.7 million worth of crypto assets.

In the past two years, North Korean Lazarus hackers have targeted the Harmony blockchain bridge (loss of $100 million), the Nomad bridge (loss of $190 million), the Qubit Finance bridge (loss of $80 million), and the Ronin Network cross-chain bridge and stolen $620 million later, this is the largest cryptocurrency hack ever.

This year alone, they have reportedly stolen $200 million through multiple attacks, including attacks on Atomic Wallet ($35 million), AlphaPo ($60 million in two separate attacks), and CoinsPaid ($37 million) )s attack.

Researchers at Recorded Future detailed North Korea’s attacks on cryptocurrency targets in their detailed report. Please [click here](#) to view the full report.

This week, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) imposed sanctions on the Kimsuky hacking group for its involvement in obtaining intelligence that helped support North Korea’s weapons of mass destruction (WMD) program.

In September 2019, OFAC imposed sanctions on three additional North Korean hacking groups—Lazarus, Bluenoroff, and Andariel—for transferring cryptocurrencies stolen in cyberattacks back to the country’s government.

The U.S. Treasury Department also sanctioned the Sinbad, Tornado Cash and Blender.io cryptocurrency mixing services used by the North Korean hacking group to launder funds stolen in the Atomic Wallet, Axie Infinity, Nomad and Horizon hacks.