According to TRM Labs, North Korean hackers have stolen $200 million worth of cryptocurrency in 2023 alone.
The bold cryptocurrency hacking tactics of North Korean hackers have come to light in exciting new research from blockchain intelligence pioneer TRM Labs. Over the last five years, these covert cybercriminals have carried out a massive campaign of theft that is thought to have netted them a whopping $2 billion in illicit profits. Their nefarious actions still have an impact on the larger bitcoin ecosystem and pose a serious threat.
An Empire of Intrigue
The exhaustive research by TRM Labs reveals the startling scope of North Korean hacking activities. They have taken about $200 million in 2023 alone, which is a startling 20% of the total amount of money that has been stolen that year. It should be noted that North Korean cyberattacks are a colossal force, dwarfing the actions of other bad actors by a factor of 10.
These hackers are experts at taking advantage of the decentralized finance (DeFi) environment, with cross-chain bridges acting as their main target. The Axie Infinity Ronin Bridge event, which is the poster child for such cross-chain hacks, resulted in a stunning $650 million in losses. In a trail of audacious thefts throughout 2022, North Korean hackers managed to abscond with an astounding $800 million across three separate attacks.
Shifting Sands of Deception
These cunning hackers have a wide variety of devious tools at their disposal. North Korean actors compromise private keys and seed phrases through a combination of supply chain attacks and phishing, taking advantage of weaknesses that exist in the digital world. Their sophisticated on-chain laundering techniques, which turn the trail of illegal gains into a complicated maze of interconnectedness, are a particularly effective example of how cunningly their strategy has evolved.
The North Korean hackers have evolved with astonishing agility from their beginnings in cryptocurrency exchanges to the current environment of complex “multi-stage money laundering processes.” Strong sanctions, relentless law enforcement activities, and the advent of advanced blockchain tracing tools have forced these hackers to use clever obfuscation techniques.
A compelling example of this is the June 2023 Atomic Wallet hack, which saw hackers infiltrate the noncustodial wallet provider Atomic Wallet and flee with an incredible $100 million from over 4,100 addresses. The technique used, which is said to have been a clever concoction of phishing and supply chain manipulation, underlined the chutzpah of their plan.
Ethereum, Tron, Bitcoin, XRP, Dogecoin, Stellar, and Litecoin cryptocurrency wallets all became repositories for stolen assets that were quickly transferred to new wallets. The story went on with a sophisticated dance of ERC-20 and TRC-20 token swaps, composing a complex symphony of cross-chain swaps, automated programs, and mixers that concealed their tracks.
The saga of North Korean hackers remains an enthralling testament to the cat-and-mouse dynamics of the digital age. As these elusive culprits continue to orchestrate audacious heists, the cryptocurrency ecosystem remains poised on the edge, grappling with an ongoing battle to safeguard its digital treasures.