A recent report shows that the North Korean hackers stole at least $600m in cryptocurrency in 2023, around a third of the total value of such heists.
Despite the heists, the number represents a 30% reduction on cryptocurrency stolen by Democratic People’s Republic of Korea (DPRK)-linked hackers compared to 2022, at $850m.
The researchers noted that if additional crypto heists committed in the final days of 2023 are attributed to DPRK, the total amount stolen last year could rise to as much as $700m. This includes an attack on Orbit Chain on December 31, 2023, which led to more than $80m worth of crypto being taken.
Since 2017, it has been believed that $2.7bn worth of crypto has been stolen by DPRK-based attackers. The North Korean government uses crypto thefts as a means of generating revenue in the face of international sanctions targeting the regime, experts believe.
The analysis found that crypto hacks perpetrated by North Korea are, on average, 10 times more damaging as those not linked to Pyongyang.
The primary method used by DPRK-linked attackers to launch crypto heists are compromising the private keys and seed phrases used to protect digital wallets.
Following compromise, the hackers transfer the victims’ digital assets to a wallet address controlled by North Korean operatives before swapping the currency for USDT or Tron and then converting it to hard currency using high-volume OTC brokers.
There have been “notable advancements” in tackling crypto thefts, including improved security in exchanges and increased international collaboration in tracking and recovering stolen funds.
The research report concludes that with nearly $1.5bn stolen in the past two years alone, North Korea’s hacking prowess demands continuous vigilance and innovation from business and governments.
