North Korean Hackers Stole $400M Worth Crypto in 2021
- The hackers attacked seven crypto exchanges.
- They also sophistically laundered the stolen cryptos.
North Korean hackers launched at least seven attacks on cryptocurrency exchanges in 2021, stealing around $400 million worth of digital assets, the blockchain analytics firm, Chainalysis revealed in the latest report.
The value of stolen crypto assets by these hackers jumped by 40 percent in 2021 from the prior year.
Though the report did not name all the victims of these attacks, it did mention the Japanese crypto exchange
Exchange
An exchange is known as a marketplace that supports the trading of derivatives, commodities, securities, and other financial instruments.Generally, an exchange is accessible through a digital platform or sometimes at a tangible address where investors organize to perform trading. Among the chief responsibilities of an exchange would be to uphold honest and fair-trading practices. These are instrumental in making sure that the distribution of supported security rates on that exchange are effectiv
An exchange is known as a marketplace that supports the trading of derivatives, commodities, securities, and other financial instruments.Generally, an exchange is accessible through a digital platform or sometimes at a tangible address where investors organize to perform trading. Among the chief responsibilities of an exchange would be to uphold honest and fair-trading practices. These are instrumental in making sure that the distribution of supported security rates on that exchange are effectiv
Read this Term, Liquid.com, which lost $91 million to the hackers. Additionally, the report stated that the attacks primarily targeted investment firms and centralized exchanges.
The hackers used several tactics like phishing
Phishing
Phishing is a form of cyber-attack in which fake websites, emails, and text messages are used to elicit personal data. The most common targets in this assault are passwords, private cryptocurrency keys, and credit card details.Phishers disguise themselves as reputable businesses and other types of entities. In certain instances, reputable government organizations or authorities are impersonated in order to collect this data.Because phishing relies on psychological manipulation rather than techno
Phishing is a form of cyber-attack in which fake websites, emails, and text messages are used to elicit personal data. The most common targets in this assault are passwords, private cryptocurrency keys, and credit card details.Phishers disguise themselves as reputable businesses and other types of entities. In certain instances, reputable government organizations or authorities are impersonated in order to collect this data.Because phishing relies on psychological manipulation rather than techno
Read this Term lures, code exploits, malware and advanced social engineering to gain access to the crypto exchanges.
“Once North Korea gained custody of the funds, they began a careful laundering process to cover up and cash out,” Chinalysis stated. “The growing variety of cryptocurrencies stolen has necessarily increased the complexity of DPRK’s cryptocurrency laundering operation.”
Laundering the Stolen Proceeds
The hackers usually swap the crypto tokens for Ether on decentralized exchanges (DEX) and then send them to mixers to hide their transactional history. Again, they swap the Ether for Bitcoin on DEX and send those Bitcoins to mixers before depositing them on Asia-based crypto exchanges to cash out.
“More than 65% of DPRK’s stolen funds were laundered through mixers this year, up from 42% in 2020 and 21% in 2019, suggesting that these threat actors have taken a more cautious approach with each passing year,” the report added.
In addition, the analytics company identified $170 million worth of stolen unlaundered cryptocurrency sitting ideally on North Korea-controlled wallets. These stolen cryptocurrencies were linked to 49 separate hacks spanning from 2017 to 2021.
“Whatever the reason may be, the length of time that DPRK is willing to hold on to these funds is illuminating, because it suggests a careful plan, not a desperate and hasty one,” added Chainalysis.
Meanwhile, the involvement of state-sponsored North Korean hackers attacking crypto exchanges was pointed out by a United Nations panel earlier. The state was accused of using the stolen proceeds to fund its nuclear weapons program. However, North Korea denied these allegations when releasing a statement.
North Korean hackers launched at least seven attacks on cryptocurrency exchanges in 2021, stealing around $400 million worth of digital assets, the blockchain analytics firm, Chainalysis revealed in the latest report.
The value of stolen crypto assets by these hackers jumped by 40 percent in 2021 from the prior year.
Though the report did not name all the victims of these attacks, it did mention the Japanese crypto exchange
Exchange
An exchange is known as a marketplace that supports the trading of derivatives, commodities, securities, and other financial instruments.Generally, an exchange is accessible through a digital platform or sometimes at a tangible address where investors organize to perform trading. Among the chief responsibilities of an exchange would be to uphold honest and fair-trading practices. These are instrumental in making sure that the distribution of supported security rates on that exchange are effectiv
An exchange is known as a marketplace that supports the trading of derivatives, commodities, securities, and other financial instruments.Generally, an exchange is accessible through a digital platform or sometimes at a tangible address where investors organize to perform trading. Among the chief responsibilities of an exchange would be to uphold honest and fair-trading practices. These are instrumental in making sure that the distribution of supported security rates on that exchange are effectiv
Read this Term, Liquid.com, which lost $91 million to the hackers. Additionally, the report stated that the attacks primarily targeted investment firms and centralized exchanges.
The hackers used several tactics like phishing
Phishing
Phishing is a form of cyber-attack in which fake websites, emails, and text messages are used to elicit personal data. The most common targets in this assault are passwords, private cryptocurrency keys, and credit card details.Phishers disguise themselves as reputable businesses and other types of entities. In certain instances, reputable government organizations or authorities are impersonated in order to collect this data.Because phishing relies on psychological manipulation rather than techno
Phishing is a form of cyber-attack in which fake websites, emails, and text messages are used to elicit personal data. The most common targets in this assault are passwords, private cryptocurrency keys, and credit card details.Phishers disguise themselves as reputable businesses and other types of entities. In certain instances, reputable government organizations or authorities are impersonated in order to collect this data.Because phishing relies on psychological manipulation rather than techno
Read this Term lures, code exploits, malware and advanced social engineering to gain access to the crypto exchanges.
“Once North Korea gained custody of the funds, they began a careful laundering process to cover up and cash out,” Chinalysis stated. “The growing variety of cryptocurrencies stolen has necessarily increased the complexity of DPRK’s cryptocurrency laundering operation.”
Laundering the Stolen Proceeds
The hackers usually swap the crypto tokens for Ether on decentralized exchanges (DEX) and then send them to mixers to hide their transactional history. Again, they swap the Ether for Bitcoin on DEX and send those Bitcoins to mixers before depositing them on Asia-based crypto exchanges to cash out.
“More than 65% of DPRK’s stolen funds were laundered through mixers this year, up from 42% in 2020 and 21% in 2019, suggesting that these threat actors have taken a more cautious approach with each passing year,” the report added.
In addition, the analytics company identified $170 million worth of stolen unlaundered cryptocurrency sitting ideally on North Korea-controlled wallets. These stolen cryptocurrencies were linked to 49 separate hacks spanning from 2017 to 2021.
“Whatever the reason may be, the length of time that DPRK is willing to hold on to these funds is illuminating, because it suggests a careful plan, not a desperate and hasty one,” added Chainalysis.
Meanwhile, the involvement of state-sponsored North Korean hackers attacking crypto exchanges was pointed out by a United Nations panel earlier. The state was accused of using the stolen proceeds to fund its nuclear weapons program. However, North Korea denied these allegations when releasing a statement.