North Korean Hackers ‘Stole $400m’ In 2021

Hackers based in North Korea stole nearly $400 million (£292m) in cryptocurrencies last year, according to new research.

The hackers mainly targeted investment firms and centralised exchanges, using phishing lures, social engineering techniques and technical security exploits to steal funds from “hot” or internet-connected wallets, Chainalysis said.

Many of the attacks were probably carried out by the so-called Lazarus Group, also known as APT 38, which is believed to be controlled by North Korea’s Reconnaissance General Bureau, its primary intelligence agency, the analysts said.

Lazarus Group is best known for its attacks on Sony Pictures and for the widespread WannaCry malware attack in May 2017.

Crypto heist

But from 2018 onward, the group has focused on cryptocurrency thefts, typically stealing more than $200m a year, Chainalysis said.

An attack on KuCoin and another targeting an unnamed cryptocurrency exchange netted more than $250m each.

A United Nations panel that monitors sanctions on North Korea has accused the country of using stolen funds to support its nuclear and ballistic missile programmes and as a way of getting around international sanctions.

The number of attacks allegedly carried out by the country last year grew to seven, from four in 2020, with the value of the thefts growing by 40 percent.

More than half of the funds were in the Ether crypto-asset, at 58 percent, with 22 percent in various other coins and less than one-quarter in Bitcoin.

‘Systematic and sophisticated’

Chainalysis said it identified some $170m in current balances representing stolen funds from 49 separate hacks, some dating back to 2017, that are awaiting a currency-laundering process, with a further $55m dating from 2016.

The company said this suggests “a careful plan, not a desperate and hasty one”.

The country’s cryptocurrency attacks are “systematic and sophisticated”, it said.

In February of last year the US charged three North Korean programmers with hacks that stole more than $1.3bn in cash and cryptocurrency.

The attacks affected organisations ranging from banks to Hollywood movie studios, the Department of Justice said.

Also last year, South Korea warned that North Korean hackers had attempted to steal Covid-19 vaccine data from Pfizer.

Matthew Broersma

Matt Broersma is a long-standing tech freelance who has worked for Ziff-Davis, ZDnet and other leading publications.
