North Korean hackers stole nearly $400 million worth of cryptocurrencies through cyberattacks in 2021, according to new data from Chainalysis.

The mix of cryptocurrencies involved in the thefts has also changed considerably, according to the blockchain analytics firm’s Thursday report. In 2017, Bitcoin (BTC) accounted for almost all of the cryptocurrency stolen by North Korea, but it now accounts for only a fifth:

“In 2021, only 20% of stolen funds were Bitcoin, while 22% were ERC-20 tokens or altcoins. And for the first time, Ether accounted for the majority of stolen funds, with 58%.”

The report stated that the 2021 attacks by North Korea (DPRK) primarily targeted “centralized investment firms and exchanges, and made use of phishing, code exploits, malware and advanced social engineering” to maliciously acquire the funds.

The stolen cryptocurrency is believed to be used by the DPRK to avoid economic sanctions and help fund nuclear weapons and ballistic missile programs, according to a report by the United Nations Security Council.

The threat the DPRK presents to global cryptocurrency platforms has always been present. Chainalysis now refers to Hermit Kingdom hackers such as the Lazarus Group as advanced persistent threats. These threats have increased over the past three years, following an all-time high of more than $500 million in stolen cryptocurrencies in 2018.

Chainalysis reported that the funds were meticulously laundered. Methods include chain jumping and the “Peel Chain” method, and more recently hackers have employed a complicated system of exchanging and mixing coins.

Mixers were used on over 65% of stolen funds in 2021, a threefold increase since 2019. A mixer is a software-based privacy system that allows users to hide the origin and destination of the coins they send. Decentralized exchanges are increasingly preferred by hackers because they are permissionless and have ample liquidity for coins to be exchanged at the user’s will.

Chainalysis used the August 19, 2021 hack of Liquid.com, in which $91 million worth of cryptocurrencies was stolen, as an example of the typical way in which DPRK hackers launder funds. They first exchanged ERC-20 coins for Ether (ETH) on decentralized exchanges. Then the ETH was sent to a mixer and exchanged for BTC, which was also mixed. Finally, the BTC was sent from the mixer to centralized Asian exchanges as a likely fiat exit.

