Report reveals North Korea and Russia’s crypto-nexus
- About $22 million in crypto stolen in the Harmony Protocol heist was transferred to a Russian exchange.
- Russia was the global hub of cryptocurrency laundering.
The crypto industry has been left high and dry amidst an unrelenting onslaught from North Korean-linked hackers. A series of high-profile exploits by unscrupulous players, allegedly backed by the regime, has siphoned millions in hard-earned money from unsuspecting investors.
While on-chain sleuths and law enforcement agencies work hard to investigate and uncover such crimes, an alarming new development has emerged, raising the risk a few notches higher.
The Russia – North Korea link
According to the latest report by blockchain analytics firm Chainalysis, hackers from North Korea were actively using Russia-based crypto exchanges to launder stolen crypto assets.
On-chain data revealed that roughly $22 million stolen in the Harmony Protocol heist in June last year was transferred to a Russian exchange. Although the name was not revealed, Chainalysis alleged that the trading platform was a repeat offender with a history of supporting unlawful transactions.
For the uninitiated, layer-1 blockchain Harmony suffered a breach on its cross-chain bridge Horizon. This resulted in a theft of $100 million in several tokens including Ethereum [ETH], Tether [USDT], and USD Coin [USDC].
The Federal Bureau of Investigation (FBI) later confirmed that the notorious Lazarus Group was behind the exploit.
Meanwhile, Chainalysis claimed to have evidence proving the hacking group has been using the aforementioned Russian exchange services since 2021.
Chainalysis discovered some intriguing new trends while following the trail of the crypto assets stolen by Lazarus Group. Historically, the group has transferred the funds to mainstream exchanges.
However, of late, there were numerous instances of the funds getting deposited on the Russian exchange. The graph below demonstrated the movement of stolen Harmony funds.
Russia – a big player in crypto crimes
Chainalysis noted that this dramatic shift could harm the process of recovering stolen funds, given Russia’s “notoriously uncooperative stance toward international efforts.”
According to a previous report, Russia was the global hub of cryptocurrency laundering. The fact that businesses tied to such crimes were functioning from one of the country’s most prominent financial landmarks – The Federation Tower in Moscow’s central business district – indicated the seriousness of the problem.
In fact, for some of these crypto entities, illegal funds made up more than 30% of all the cryptocurrencies received.
Russia also leads the world in ransomware attacks. Conti, believed to be based in Russia, was the biggest ransomware strain by revenue in 2021. Its operators extorted at least $180 million from victims.
There have been instances of local law enforcement agencies cracking down on ransomware attackers in the past. However, analysts have characterized them as acts of diplomacy meant to cool tensions over Russia’s military campaign in Ukraine.
In response to the increasing threat of ransomware-related crimes, the U.S. government recently merged its crypto crime and cybercrime units. One of the stated objectives of the merged unit was to track criminals through their ransomware payments and apprehend them before they flee to Russia.
Hacks from North Korea down in 2023, but…
As far as the tale of North Korean crypto crimes was concerned, a sharp fall was observed in overall funds lost in 2023 to unscrupulous players from the “Hermit Kingdom.” Compared to a whopping $1.65 billion in 2022, the hacked amount plunged to $340 million this year.
However, scammers from the East Asian nation still constituted roughly 30% of all cryptocurrency hacks carried out in 2023. The high share in overall crypto crimes reinforced the notion of North Korea being one of the largest active threats in the cybercrime landscape.
In fact, at least two high-profile exploits surfaced in a span of just seven days. The first was the $41 million heist from cryptocurrency betting platform Stake.com, followed by the $54-million exploit on cryptocurrency exchange CoinEx.
Though the crypto and DeFi fanbases are resilient, the non-stop attacks on platforms have started to test their patience. When it comes to finance, the security and transparency of funds are of paramount importance.
Hence, it was critical for builders to guarantee safeguards to attract more users.