SEOUL (REUTERS) – North Korea launched a minimum of seven assaults on cryptocurrency platforms that extracted practically US$400 million (S$538 million) price of digital belongings final yr, considered one of its most profitable years on report, blockchain evaluation agency Chainalysis stated in a brand new report.
“From 2020 to 2021, the variety of North Korean-linked hacks jumped from 4 to seven, and the worth extracted from these hacks grew by 40 per cent,” stated the report, which was launched on Thursday (Jan 13).
“As soon as North Korea gained custody of the funds, they started a cautious laundering course of to cowl up and money out,” the report added.
A United Nations panel of specialists that screens sanctions on North Korea has accused Pyongyang of utilizing stolen funds to help its nuclear and ballistic missile programmes to avoid sanctions.
North Korea doesn’t reply to media inquiries, however has beforehand launched statements denying allegations of hacking.
Final yr, the United States charged three North Korean computer programmers working for the nation’s intelligence service with a large, years-long hacking spree aimed toward stealing greater than US$1.3 billion in cash and cryptocurrency, affecting corporations from banks to Hollywood film studios.
Chainalysis didn’t establish all of the targets of the hacks, however stated they had been primarily funding companies and centralised exchanges, together with Liquid.com, which introduced in August that an unauthorised person had gained entry to a few of the cryptocurrency wallets it managed.
The attackers used phishing lures, code exploits, malware, and superior social engineering to siphon funds out of those organisations’ Web-connected “sizzling” wallets into North Korea-controlled addresses, the report stated.
A lot of final yr’s assaults had been probably carried out by the Lazarus Group, a hacking group sanctioned by the US, which says it’s managed by the Reconnaissance Basic Bureau, North Korea’s main intelligence bureau.
The group has been accused of involvement within the “WannaCry” ransomware assaults, hacking of worldwide banks and buyer accounts, and the 2014 cyber-attacks on Sony Photos Leisure.
North Korea additionally appeared to step up efforts to launder stolen cryptocurrency, considerably growing its use of mixers, or software program instruments that pool and scramble cryptocurrencies from 1000’s of addresses, Chainalysis stated.
The report stated researchers had recognized US$170 million in previous, unlaundered cryptocurrency holdings from 49 separate hacks spanning from 2017 to 2021.
The report stated it’s unclear why the hackers would nonetheless be sitting on these funds, however stated they might be hoping to outwit regulation enforcement curiosity earlier than cashing out.
“Regardless of the cause could also be, the size of time that (North Korea) is keen to carry on to those funds is illuminating, as a result of it suggests a cautious plan, not a determined and hasty one,” Chainalysis concluded.