A recent report from United States cybersecurity firm Recorded Future reveals that North Korean hackers have successfully pilfered approximately $3 billion in cryptocurrency since 2017, marking a significant escalation with more than half of that amount stolen in the past year alone. According to the report, the stolen funds amount to nearly half of North Korea’s entire military expenses for the year.
In 2022, North Korean threat actors targeted the cryptocurrency realm aggressively, siphoning an estimated $1.7 billion in digital assets. This sum equates to around 5% of North Korea’s economy and a staggering 45% of its military budget. The report highlights that this ill-gotten amount far exceeds the nation’s annual income from exports, surpassing it by almost tenfold.
The initial focus of North Korean hackers was on South Korea’s cryptocurrency market, but they swiftly expanded their operations globally, demonstrating a strategic shift from traditional finance to digital financial technology. The report suggests that state backing has played a pivotal role in scaling up these illicit operations, enabling North Korean threat actors to surpass the capabilities of traditional cybercriminals.
In response to the escalating cyber threat, the U.S. Treasury’s Office of Foreign Assets Control recently imposed sanctions on the cryptocurrency mixer Sinbad. The platform was accused of facilitating money laundering for the North Korea-based Lazarus Group. A UN report highlighted the increased sophistication of cyber attacks in 2022, making it more challenging to trace stolen funds.
Blockchain analytics firm Chainalysis identified North Korean-linked hackers as the most prolific cryptocurrency hackers in recent years. These hackers have been observed utilizing crypto mixers such as Tornado Cash and Sinbad at a higher rate than other criminal groups, complicating efforts to track and halt their illicit financial activities. The continuous success of North Korean hackers in the cryptocurrency space poses a growing challenge for cybersecurity and international efforts to curb illicit financial activities.