In 2021, North Korean crypto hackers siphoned off about $400 million in crypto through cyberattacks, according to new data from Chainalysis.
According to a January 13 report from the blockchain analytics company, the type of cryptocurrency stolen has also changed a lot. In 2017, BTC accounted for almost all the cryptocurrencies stolen by the DPRK, but now it accounts for only a fifth:
“In 2021, only 20% of stolen funds were bitcoin, while 22% were either ERC-20 tokens or altcoins. And for the first time, Ethereum accounts for the majority of the stolen funds — 58%.”
The report states that attacks in 2021 from North Korea (DPRK) primarily targeted “investment firms and centralized exchanges and used phishing lures, code exploits, malware and advanced social engineering” to maliciously obtain funds.
According to a UN Security Council report, North Korea is believed to use the stolen cryptocurrency to evade economic sanctions and fund nuclear weapons and ballistic missile programs.
The threat posed by the DPRK to global crypto platforms has become permanent. Chainalysis now labels hackers from the Hermit Kingdom, such as the Lazarus Group, as advanced persistent threats. These threats have been on the rise over the past three years after an all-time high of over $500 million in crypto stolen in 2018.
Chainalysis reported that the funds were thoroughly laundered. Methods range from chain hopping to the “Peel Chain” method, and more recently, hackers have used a complex system of coin exchange and coin mixing.
Mixers were used for more than 65% of funds stolen in 2021, which is 3 times more than in 2019. A mixer is a privacy software system that allows users to hide the source and destination of the coins they send. Decentralized exchanges (DEXs) are increasingly favored by hackers as they require no permission and have sufficient liquidity to exchange coins at the user’s request.
Chainalysis used the Liquid.com hack on August 19, 2021, during which $91 million in cryptocurrencies was stolen, as an example of a typical way of money laundering by DPRK hackers. They first exchanged ERC-20 coins for ether (ETH) on decentralized exchanges. The ETH was then sent to the mixer and exchanged for bitcoin (BTC), which was also mixed. Finally, the BTC was sent from the mixer to centralized Asian exchanges.