North Korean Hackers: A Rising Threat to the Crypto World?
TRM Labs' recent report highlights that North Korean cybercriminals have executed over thirty attacks, pilfering around $2 billion in cryptocurrencies in the last five years.
While analytics firms such as Chainalysis believe that this figure might be considerably understated given the scale of North Korea's illicit activity, TRM Labs posits that some incidents are mistakenly or even intentionally attributed to North Korea. Remarkably, the country has allegedly stolen $200 million, amounting to 20% of total cryptocurrency thefts, in the early part of 2023 alone.
Cryptocurrency Stolen by North Korea. Source: TRM Labs.
Despite international sanctions and isolation, North Korea relentlessly hones its cyber capabilities, uncovering novel means to commit digital transgressions. Their focus has sharpened on DeFi platforms, no doubt due to their lucrative promise and the extensive cryptocurrency holdings they manage. A glaring testament to this was the theft of nearly $800 million from cross-chain bridges.
For these heists, hackers combine traditional techniques with newly discovered system vulnerabilities. They employ an array of tactics, from phishing schemes and malware to direct infrastructure breaches. A prominent case was the attack on Ronin Bridge in March 2022, where hackers exploited private keys to siphon off $625 million, marking one of the most significant breaches in crypto history.
Adding to the industry's woes, Atomic Wallet was compromised in June 2023. This incident saw about 4,100 users lose their assets totaling more than $100 million. Although the exact method remains somewhat unclear, the majority of experts believe it was a sophisticated phishing attack. Once in control, the perpetrators swiftly converted and laundered their ill-gotten gains using decentralized exchanges, crypto mixers, and other cutting-edge blockchain mechanisms.
Tracing the Stolen Assets from Atomic Wallet. Source: TRM Labs.
The challenge in monitoring these crypto criminals lies in their masterful evasion tactics, utilizing intricate and hard-to-detect routes. Their brazen confidence, possibly fueled by the perception that Western intelligence agencies are often a step behind, poses considerable risks for everyday cryptocurrency users and the industry at large. Blockchain analysts and experts are now faced with the task of devising new strategies for pinpointing and tracking stolen assets. Additionally, when these illicit gains appear on centralized exchanges, professionals must be prepared for immediate response and asset seizure.