North Korean hackers set a record for stolen cryptocurrency

Elliptic experts estimate that since the beginning of this year, DPRK hackers have stolen cryptocurrency assets totaling more than $ 2 billion, which is a record high for North Korean cybercriminals in such a short period. In total, these groups have stolen more than $ 6 billion worth of crypto assets since their inception, making them one of the most dangerous players in the cybercrime sphere. Analytical company Chainalysis confirms this data, citing a slightly higher figure of $ 2.17 billion since the beginning of the year.

The most high-profile incident of the year was the February theft from the Bybit crypto exchange, which went down in history as the largest cryptocurrency theft ever. The hackers managed to withdraw more than $ 1.4 billion by breaking into the digital wallet provider’s system and transferring 400,000 Ethereum coins from the exchange’s cold wallet. The platform’s administration reported that they were able to trace about 68% of these funds, which may mean that the attackers have so far managed to cash out only a portion of the illegally obtained proceeds.

In addition to the Bybit attack, North Korean hackers have carried out approximately thirty incidents this year, attacking various cryptocurrency platforms. Among the victims were LND. fi, WOO X, and Seedify, platforms of different sizes and specializations. Such a variety of targets indicates a high level of training and coordination of hacker groups operating under the auspices of the North Korean regime. Experts suggest that the stolen funds are used to finance the nuclear program and circumvent international sanctions against the DPRK.

Elliptic and Chainalysis, which specialize in tracking blockchain transactions and cooperate with law enforcement agencies, warn of a change in cybercriminal tactics. Hackers are increasingly targeting not only cryptocurrency exchanges and blockchain companies but also wealthy individuals. To do this, they actively use social engineering methods and conduct phishing attacks, tricking victims into installing malware on their devices.

Chainalysis analysts call the growth of the share of thefts from individuals in the total volume of cryptocurrency-related crimes a particularly alarming trend. Since the beginning of the year, this figure has reached 23.35%, which indicates an expansion of the range of attacks and an increase in their complexity. Unlike attacks on exchanges, which are often detected quickly thanks to monitoring systems, thefts from private users can go undetected for a long time, giving criminals additional time to withdraw and launder funds through complex schemes using mixers and decentralized exchanges.