
North Korean hackers stole $400M in 2021, mostly ETH: Chainalysis

North Korean crypto hackers siphoned off nearly $400 million in crypto through cyber attacks in 2021, according to new data from Chainalysis.

The type of crypto stolen has also seen a sea change, according to the Jan. 13 report from the blockchain analytics firm. In 2017, BTC accounted for nearly all the crypto stolen by the DPRK, but it now accounts for just one-fifth:

“In 2021, only 20% of the stolen funds were Bitcoin, whereas 22% were either ERC-20 tokens or altcoins. And for the first time ever, Ether accounted for a majority of the funds stolen at 58%.”

The report stated that attacks in 2021 from North Korea (DPRK) primarily targeted “investment firms and centralized exchanges, and made use of phishing lures, code exploits, malware, and advanced social engineering” to maliciously acquire the funds.

Stolen cryptocurrency is believed to be used by the DPRK to evade economic sanctions and to help fund nuclear weapons and ballistic missile programs, according to a UN Security Council report.

The threat that the DPRK presents to global crypto platforms has become ever-present. Chainalysis now refers to hackers from the Hermit Kingdom, such as Lazarus Group, as advanced persistent threats (APT). These threats have been on the increase over the past three years, following the all-time high of over $500 million in crypto stolen in 2018.

Chainalysis reported that the funds were meticulously laundered. Methods include chain hopping and the ‘Peel Chain’ method, and more recently the hackers have employed a complicated system of coin swaps and mixing.


Mixers were used on over 65% of the funds stolen in 2021, which is a 3-fold increase since 2019. A mixer is a software-based privacy system that allows users to hide the source and destination of the coins they send. Decentralized exchanges (DEX) are increasingly preferred by hackers since they are permissionless and have ample liquidity for coins to be swapped at the user’s will.

Chainalysis used the Aug. 19, 2021 hack at Liquid.com, in which $91 million in crypto was stolen, as an example of the typical way in which DPRK hackers launder funds. They first swapped ERC-20 coins for Ether (ETH) at decentralized exchanges. Then the ETH was sent to a mixer and swapped for Bitcoin (BTC), which was also mixed. Finally, BTC was sent from the mixer to centralized Asian exchanges as a likely fiat off-ramp.
