State-sponsored North Korean hackers have stolen more than $200 million in cryptocurrency in 2023, accounting for more than 20% of all crypto assets stolen for the year.
Over $2B in Crypto Stolen Since 2018
According to a report by blockchain intelligence firm TRM Labs, the over $200 million stolen is part of the over $2 billion in cryptocurrencies the hackers have stolen over the past five years. While several reports stated that the amount of crypto stolen by the attackers since 2018 amounts to $3 billion, TRM Labs noted that the figure “likely includes multiple large hacks misattributed to North Korea.”
TRM Labs stated the state-sponsored hackers have been very successful with their attacks in 2023, with their hacks 10x bigger than that of other bad actors during the year.
Although this year has been a successful year for the hackers, the report mentioned that the most successful year for the actors remains 2022. Last year, the hackers stole a whopping $800 million in cryptocurrency, according to TRM Labs.
Targeting DeFi Protocols
The report stated that the hackers have recently been targeting the decentralized finance (DeFi) ecosystem, with cross-chain bridges being a particular focus. It added that the hackers exploit vulnerabilities in the ecosystem in multiple ways, such as through phishing, supply chain attacks, and infrastructure exploits like private key or seed phrase compromises.
“These types of attacks are often enabled by conventional cyber operations and allow the attackers to seize and transfer the cryptocurrency to wallets they control,” the report stated.
TRM Labs noted that while the hackers’ targets and techniques have evolved, so have their on-chain laundering methodologies.
“North Korea’s early exploits – which tend to involve the direct use of cryptocurrency exchanges – now feature highly complex, multi-stage money laundering processes in response to more aggressive OFAC sanctions, law enforcement focus, and improved tracing capabilities,” blockchain intelligence firm said.
One instance of this growing technique is the $100 million attack on Atomic Wallet, a non-custodial wallet provider. In June 2023, the hackers drained victims’ wallets on multiple blockchains and laundered the ill-gotten proceeds through complex techniques, including automated software programs, mixers, and cross-chain swaps.
