New York (CNN Business) North Korean hackers stole nearly $ 400 million in cryptocurrency in 2021, making it one of the most lucrative years to date for cybercriminals in the highly isolated country, according to a new report.
Hackers launched at least seven different attacks last year, targeting investment firms and centralized exchanges using a variety of tactics, including phishing, malware and social engineering, according to the report by Chainalysis, a company that tracks cryptocurrency. The cybercriminals worked to gain access to organizations’ “hot” wallets – digital wallets connected to the Internet – and then move money into DPRK-controlled accounts.
The thefts are the latest indication that the heavily sanctioned country remains dependent on a network of hackers to help fund its domestic programs. A confidential UN report has previously accused North Korea’s leader Kim Jong Un’s regime of carrying out “operations against financial institutions and virtual currency exchange houses” to pay for weapons and keep North Korea’s economy afloat.
In February last year, the U.S. Department of Justice charged three North Koreans with conspiring to steal more than $ 1.3 billion from banks and businesses around the world and orchestrate digital cryptocurrency robberies.
“North Korea is in most respects cut off from the global financial system by a long-running sanctions campaign by the United States and foreign partners.” said Nick Carlsen, analyst at blockchain intelligence firm TRM Labs. “As a result, they’re taken to the digital battlefield to steal crypto in, essentially, [a] bank robbery at the speed of the internet to finance weapons programs, nuclear proliferation and other destabilizing activities. “
The North Korean hacker effort has benefited from the rising value of cryptocurrencies. The rise in cryptocurrency prices and usage has generally made digital assets more and more attractive to malicious players, leading to more blockbuster crypto-theft in 2021.
According to Chainalysis, most of last year’s thefts were carried out by Lazarus Group, a hacker group with links to North Korea, which has previously been linked to the hack on Sony Pictures, among others. The group has been hit by US sanctions.
There is very little that the United States or other countries can do practically to combat North Korean cryptohacking activities, other than sanctions and defensive cyber security measures, as criminals face no real chance of extradition.
As the cryptocurrency market becomes more popular, “we are likely to see continued interest from North Korea in targeting cryptocurrencies that are young and building cyber defense and anti-money laundering,” Carlsen said.