North Korea Steals $200 Million in Crypto Heists: TRM Labs Report20. August 2023
• North Korean hackers have stolen more than $2 billion in cryptocurrencies over five years, with $200 million this year alone.
• The attacks are carried out through phishing and supply chain attacks, as well as infrastructure hacks.
• Last year was a record-breaking year for hacks, with $4 billion stolen — largely from North Korean state-affiliated hacking groups.
North Korea’s Crypto Thefts
A new report from blockchain analytics firm TRM Labs noted that North Korean hackers have stolen more than $2 billion in cryptocurrencies in the past five years. It estimated around $200 million in crypto heists this year alone. According to TRM Labs insights , the stolen amount accounts for 30 hacks so far in 2023, which is less than 2022, but still “10 times larger than attacks by other actors.”
Methods of Attack
North Korea has previously denied allegations of hacking or other cyberattacks. However, a UN report said that attackers in the country stole more cryptocurrency assets in 2022 than in any other year and targeted the networks of foreign aerospace and defense companies. The heists are carried out in different ways by North Koreans including through phishing and supply chain attacks, and through infrastructure hacks that involve private key or seed phrase compromises. Additionally, cross-chain bridges that have increasing value, are targeted continuously.
Record Breaking Year
Last year has been a record-breaking year for hacks, with $4 billion stolen, which largely came from North Korean state-affiliated hacking groups. For instance, the Ronin Network, a sidechain built for the popular play-to-earn crypto game Axie Infinity was attacked and $625 million was drained. The culprit was identified by US officials as a North Korean group – Lazarus – and the officials recovered close to $30 million.
Atomic Wallet Hack
The most lucrative hack this year targeted a non-custodial wallet provider called Atomic Wallet reportedly resulting in the theft of approximately USD 100 million worth of cryptocurrency from over 4100 individual addresses. “The nature of the attack on Atomic Wallet indicates that the exploit was most likely carried out through a phishing or supply chain attack.”
North Korea’s focus on attacking cryptocurrency ecosystems continues to be strong despite decreased overall amounts being stolen this year compared to last year’s record breaking figure