Connect with us
Active Currencies 14363
Market Cap $2,743,093,888,619.10
Bitcoin Share 50.94%
24h Market Cap Change $7.98

Report reveals North Korea and Russia’s crypto-nexus

3min Read

According to a Chainalysis report, hackers from North Korea are actively using Russia-based crypto exchanges to launder stolen crypto assets. 

Report reveals North Korea and Russia's crypto-nexus

Share this article

  • About $22 million in stolen cryptos from the Harmony Protocol heist were transferred to a Russian exchange.
  • Russia was the global hub of cryptocurrency laundering.

The crypto industry has been left high and dry amidst an unrelenting onslaught from North Korean-linked hackers. A series of high-profile exploits by unscrupulous players, allegedly backed by the regime, have siphoned millions in hard-earned monies off unsuspecting investors.

While on-chain sleuths and law enforcement agencies work hard to investigate and uncover such crimes, a new alarming development has emerged, raising the risk a few notches higher.

The Russia – North Korea link

According to the latest report by blockchain analytics firm Chainalysis, hackers from North Korea were actively using Russia-based crypto exchanges to launder stolen crypto assets.

On-chain data revealed that roughly $22 million stolen from the Harmony Protocol heist in June last year were transferred to a Russian exchange. Although the name was not revealed, Chainalysis alleged that the trading platform was a repeat offender with a history of supporting unlawful transactions.

For the uninitiated, layer-1 blockchain Harmony suffered a breach on its cross-chain bridge Horizon. This resulted in a theft of $100 million in several tokens including Ethereum [ETH], Tether [USDT], and USD Coin [USDC].

The Federal Bureau of Investigation (FBI) later confirmed that the notorious Lazarus Group was behind the exploit.

Meanwhile, Chainalysis claimed to have evidence proving the hacking group has been using the aforementioned Russian exchange services since 2021.

Chainalysis discovered some intriguing new trends while following the trail of the stolen crypto assets from Lazarus Group. Historically, the group has transferred the funds to mainstream exchanges.

However, of late, there were numerous instances of the funds getting deposited on the Russian exchange. The below graph demonstrated the movement of stolen Harmony funds.

Source: Chainalysis

Russia – a big player in crypto crimes

Chainalysis noted that this dramatic shift could harm the process of recovering stolen funds, given Russia’s,

“Notoriously uncooperative stance toward international efforts.”

According to a previous report, Russia was the global hub of cryptocurrency laundering. The fact that businesses tied to such crimes were functioning from one of the country’s most prominent financial landmarks – The Federation Tower in Moscow’s central business district – indicated the seriousness of the problem.

In fact, for some of these crypto entities, illegal funds made up more than 30% of all the cryptocurrencies received.

Russia also leads the world in ransomware attacks. Conti, believed to be based in Russia, was the biggest ransomware strain by revenue in 2021. They extorted at least $180 million from victims.

There have been instances of local law enforcement agencies cracking down on ransomware attackers in the past. However, analysts have associated them to be acts of diplomacy meant to cool tensions over Russia’s military campaign in Ukraine.

In response to the increasing threat of ransomware-related crimes, the U.S. government recently merged its crypto crime and cybercrime units. One of the stated objectives of the merged unit was to track criminals through their ransomware payments and apprehend them before they flee to Russia.

Hacks from North Korea down in 2023, but…

As far as the tale of North Korean crypto crimes were concerned, a sharp fall was observed in overall funds lost in 2023 to unscrupulous players from the “Hermit Kingdom.” Compared to a whopping $1.65 billion in 2022, the hacked amount plunged to $340 million this year.

Source: Chainalysis

However, scammers from the East Asian nation still constituted roughly 30% of all cryptocurrency hacks carried out in 2o23. The high share in overall crypto crimes reinforced the notion of North Korea being one of the largest active threats in the cybercrime landscape.

Source: Chainalysis

In fact, at least two high-profile exploits surfaced in a span of just seven days. The first was the $41 million heist from cryptocurrency betting platform, followed by the $54-million exploit on cryptocurrency exchange CoinEx.

Though the crypto and DeFi fanbases are resilient, the non-stop attacks on platforms have started to test their patience. When it comes to finance, the security and transparency regarding funds holds paramount importance.

Hence, it was critical for builders to guarantee safeguards to attract more users.


Aniket Verma works as a journalist at AMBCrypto. Contrary to most who are primarily interested in merely tracking price movements of cryptos, his focus is on examining the niche intersection between cryptocurrencies and traditional finance. A so-so Bitcoin maximalist, Aniket has a strong disdain for memecoins and the unfounded frenzy they seem to generate every market season. Coming from a strong engineering background, Aniket previously worked as a Content Manager for TV9 Network. Before his stint over there, he was an Associate Multimedia News Producer at Reuters.
Read the best crypto stories of the day in less than 5 minutes
Subscribe to get it daily in your inbox.
Please check the format of your first name and/or email address.

Thank you for subscribing to Unhashed.