SEOUL (REUTERS) - North Korea launched at least seven attacks on cryptocurrency platforms that mined nearly $400 million worth of digital assets last year, one of the most successful years on record, the blockchain analytics firm said. Chainalysis in a new release. report.
"From 2020 to 2021, the number of hacks linked to North Korea increased from four to seven, and the value extracted from these hacks grew by 40 percent," says the report, which was released on Thursday (Jan 13).
"Once North Korea gained custody of the funds, a careful laundering process began to cover up and withdraw money," the report added.
A United Nations panel of experts monitoring sanctions against North Korea has accused Pyongyang of using stolen funds to support its nuclear and ballistic missile programs to circumvent sanctions.
North Korea does not respond to media inquiries, but has previously released statements denying accusations of hacking.
Last year, The United States Charged Three North Korean Computer Programmers working for the country's intelligence service with a massive years-long hacking spree aiming to steal over $1.3 billion in money and cryptocurrency, affecting companies from banks to Hollywood movie studios.
Chainalysis did not identify all the targets of the attacks, but said they were primarily investment firms and centralized exchanges, including Liquid.com, which announced in August that an unauthorized user had gained access to some of the cryptocurrency wallets it managed.
The attackers used phishing lures, code exploits, malware, and advanced social engineering to divert funds from these organizations' Internet-connected "hot" wallets to North Korean-controlled addresses, according to the report.
Many of last year's attacks were probably perpetrated by the Lazarus Group, a US-sanctioned hacker group, which he says is controlled by the Reconnaissance General Office, North Korea's main intelligence office.
The group has been accused of involvement in the "WannaCry" ransomware attacks, the hacking of international banks and customer accounts, and the 2014 cyberattacks on Sony Pictures Entertainment.
North Korea also appeared to step up efforts to launder stolen cryptocurrency, significantly increasing its use of mixers, or software tools that pool and encrypt cryptocurrency from thousands of addresses, Chainalysis said.
The report says that researchers identified $170 million in old, unlaundered cryptocurrency holdings from 49 separate hacks spanning 2017 to 2021.
The report said it's unclear why the hackers would still be sitting on these funds, but said they could be hoping to evade law enforcement interest before cashing out.
"Whatever the reason, the length of time that (North Korea) is willing to hold these funds is illuminating, because it suggests a careful plan, not a desperate and hasty one," Chainalysis concluded.
