New York (CNN Business) North Korean hackers stole nearly $400 million in cryptocurrency in 2021, making it one of the most lucrative years so far for cybercriminals in the deeply isolated country, according to a new report.
Hackers launched at least seven different attacks last year, primarily targeting investment firms and central exchanges with a variety of tactics, including phishing, malware and social engineering, according to a report from Chainalysis, a crypto-tracking company. The cybercriminals worked to gain access to the organizations’ “hot” wallets – digital wallets connected to the Internet – and then move the funds to accounts controlled by the DPRK.
The thefts are the latest indication that the heavily sanctioned state continues to rely on a network of hackers to help fund its domestic programs. A confidential United Nations report earlier accused the regime of North Korean leader Kim Jong Un of conducting “operations against financial institutions and virtual money exchanges” to pay for weapons and keep North Korea’s economy afloat.
Last February, the US Department of Justice charged three North Koreans with conspiring to steal more than $1.3 billion from banks and companies around the world and organizing digital thefts of cryptocurrency.
“North Korea is, in most respects, isolated from the global financial system by a prolonged sanctions campaign by the United States and foreign partners.” Nick Carlsen said, Analyst at blockchain intelligence firm TRM Labs. As a result, they have taken to the digital battlefield to steal cryptocurrency, [a] Bank robbery at the speed of the Internet to fund weapons programs, nuclear proliferation, and other destabilizing activities.”
North Korean hacking efforts have benefited from the rising value of cryptocurrencies. The rise in the price and use of cryptocurrencies in general has made digital assets increasingly attractive to malicious actors, leading to more crypto thefts in 2021.
According to Chainalysis, most of the thefts in the past year were carried out by the Lazarus Group, a hacking group with links to North Korea that has been previously linked to the Sony Pictures hack, among other incidents. The group was subjected to US sanctions.
There is practically little the United States or other countries can do to combat digital piracy activities in North Korea, other than sanctions and defensive cybersecurity measures, where criminals face no real chance of extradition.
As the cryptocurrency market grows in popularity, Carlsen said, “It is likely that we will see continued interest from North Korea to target crypto startups and establish cyber defenses and anti-money laundering controls.”