North Korean hackers launched at least seven attacks on cryptocurrency platforms last year, stealing nearly $400 million worth of digital assets, according to A report by blockchain analysis firm Chainalysis.
“From 2020 to 2021, the number of North Korean-linked hacks increased from four to seven, and the value extracted from these hacks increased by 40%,” the report said.
The attacks mainly targeted investment firms and centralized exchanges.
The report said the hackers used complex tactics including phishing lures, code exploits, malware and advanced social engineering to siphon funds from organizations’ internet-connected “hot wallets” into DPRK-controlled addresses.
“Once North Korea secured custody of the money, they began a careful laundering process to hide it and cash out,” the report said.
In 2021, Ethereum and Bitcoin held 58% and 20% of funds, respectively; 22% came from ERC-20 tokens or altcoins.
The report also stated, United Nations Security CouncilNorth Korea used the hacked funds to support its weapons of mass destruction (WMD) and ballistic missile-related programs.
According to the analysis report, the Lazarus Group – a hacking group that is part of North Korea’s primary intelligence agency, the Reconnaissance General Bureau – is suspected of carrying out the attacks. Lazarus Group has been charged with the first cyberattack sony pictures Entertainment And want to cry,
More than 65% of North Korea’s stolen money was laundered through mixers – software tools that pool and scramble digital assets from thousands of addresses.
North Korea also has unlicensed crypto funds, believed to be worth $170 million, from 49 different hacks spanning 2017 to 2021.
“It is unclear why hackers would still be sitting on these funds, but it could be that they are hoping law enforcement interests in the cases die so they can cash in without looking. Whatever the reason, The DPRK is prepared to hold these funds as it suggests a careful planning, not desperate and hasty,” the report said.