North Korean Hackers ‘Stole $400m’ In 2021

Hackers based in North Korea stole nearly $400 million (£292m) in cryptocurrencies last year, according to new research.

The hackers mainly targeted investment firms and centralised exchanges, using phishing lures, social engineering techniques and technical security exploits to steal funds from “hot” or internet-connected wallets, Chainalysis said.

Many of the attacks were probably carried out by the so-called Lazarus Group, also known as APT 38, which is believed to be controlled by North Korea’s Reconnaissance General Bureau, its primary intelligence agency, the analysts said.

Lazarus Group is best known for its attacks on Sony Pictures and for the widespread Wannacry malware attack in May 2017.

Crypto heist

But from 2018 onward, the group has focused on cryptocurrency thefts, typically stealing more than $200m a year, Chainalysis said.

An attack on KuCoin and another targeting an unnamed cryptocurrency exchange netted more than $250m each.

A United Nations panel that monitors sanctions on North Korea has accused the country of using stolen funds to support its nuclear and ballistic missile programmes and as a way of getting around international sanctions.

The number of attacks allegedly carried out by the country last year grew to seven, from four in 2020, with the value of the thefts growing by 40 percent.

More than half of the funds were in the Ether crypto-asset, at 58 percent, with 22 percent in various other coins and less than one-quarter in Bitcoin.

‘Systematic and sophisticated’

Chainalysis said it identified some $170m in current balances representing stolen funds from 49 separate hacks, some dating back to 2017, that are awaiting a currency-laundering process, with a further $55m dating from 2016.

The company said this suggests “a careful plan, not a desperate and hasty one”.

The country’s cryptocurrency attacks are “systematic and sophisticated”, it said.

In February of last year the US charged three North Korean programmers with hacks that stole more than $1.3bn in cash and cryptocurrency.

The attacks affected organisations ranging from banks to Hollywood movie studios, the Department of Justice said.

Also last year South Korea warned North Korean hackers had attempted to steal Covid-19 vaccine data from Pfizer.

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

Google Sued For Use Of NHS Data Of 1.6 Million Brits

Lawsuit alleges Google and Deepmind Technologies used NHS data of 1.6 million Britons 'without their…

9 hours ago

Twitter Sees Three More Executive Departures

Three executives apparently jump ship. More high level departures at Twitter, ahead of Elon Musk's…

11 hours ago

Apple Delays Staff Mandate For Three Days A Week In Office – Report

Tech giant blames rising Covid cases as it again pushes back return to office deadline,…

13 hours ago

Tesla Bluetooth Locks Can Be Hacked, Warns NCC Group

Digital locks, including those fitted to Tesla vehicles, are vulnerable to being unlocked via an…

16 hours ago

Twitter Board To ‘Enforce’ Elon Musk Merger Agreement

Legal action ahead? Elon Musk's takeover agreement of Twitter will be enforced says board of…

17 hours ago