Connect with us
Active Currencies 14739
Market Cap $2,551,131,363,846.70
Bitcoin Share 51.56%
24h Market Cap Change $-4.25

North Korean hackers walk away with nearly $400 million in crypto

2min Read

Share this article

Over the years, the Democratic People’s Republic of Korea (DPRK)  has topped the chart in the list of cyberattacks. However, the most unique aspect of North Korean hacking is its focus on targeting financial institutions.

Even hackers prefer ETH

North Korean crypto hackers had a ‘ banner year‘ in 2021 according to new data from Chainalysis. As per this date, these hackers walked away with nearly $400 million in crypto through cyberattacks in 2021.

These attacks focused primarily on investment firms and centralized exchanges. It made use of phishing lures, code exploits, malware, and advanced social engineering to siphon funds out of these organizations’ internet-connected “hot” wallets into DPRK-controlled addresses.

Notably, from 2020 to 2021, the number of North Korean-linked hacks jumped from four to seven. And, the value extracted from these hacks grew by 40%. The graph below highlights the same story.

Source: Chainalysis

Another interesting narrative. In 2017, BTC accounted for nearly all the crypto stolen by the DPRK, but now not so much.

“In 2021, only 20% of the stolen funds were Bitcoin, whereas 22% were either ERC-20 tokens or altcoins. And for the first time ever, Ether accounted for a majority of the funds stolen at 58%.”

This is quite obvious from the graph below. The decline in BTC’s share can be seen here.

Stolen funds

Stolen cryptocurrency is believed to be used by the DPRK to evade economic sanctions. Thereby, to help fund nuclear weapons and ballistic missile programs. A UN Security Council report from 2019 shed light on the same conclusion.

Chainalysis now refers to hackers from the Hermit Kingdom, such as Lazarus Group, as advanced persistent threats (APT). In this context, the report added, “While we will refer to the attackers as North Korean-linked hackers more generally, many of these attacks were likely carried out by the Lazarus Group in particular.”

From 2018 on, the aforementioned group stole and laundered massive sums of virtual currencies every year, typically in excess of $200 million. These illicit activities were carried out via different methods. They range from chain hopping, the ‘Peel Chain’ method. More recently the hackers have employed a complicated system of coin swaps and mixing.

That said, this wasn’t the first report to signal red flags concerning these scam artists in North Korea. According to another report, North Korea allegedly siphoned off over $1.7 billion worth of crypto from exchanges over several years.

Nonetheless, this concern needs to be addressed. It will directly aid the digital assets to stand a fair trial with different regulatory watchdogs.


Shubham is a full-time journalist/ Crypto data analyst at AMBCrypto. A Master's graduate in Accounting and Finance, Shubham's writings mainly focus on the cryptocurrency sector with particular emphasis on market research studies and communications for >2 years. Also, a die-hard Chelsea fan #KTBFFH.
Read the best crypto stories of the day in less than 5 minutes
Subscribe to get it daily in your inbox.
Please check the format of your first name and/or email address.

Thank you for subscribing to Unhashed.