North Korean hacker group steals $3 billion in Crypto Assets over six years

Recently, a report from the cybersecurity field revealed shocking facts: a hacker group associated with North Korea has successfully stolen Crypto Assets worth $3 billion over the past 6 years.

The organization known as the Lazarus Group looted 1.7 billion dollars in Crypto Assets in 2022, and this funding is likely used to support various plans of North Korea. According to statistics from blockchain data analysis agencies, 1.1 billion dollars was stolen from decentralized finance (DeFi) platforms. A report released by the U.S. Department of Homeland Security in September last year also highlighted Lazarus's exploitation of DeFi protocols.

The Lazarus Group is known for its fund theft. In 2016, they hacked the Central Bank of Bangladesh and stole $81 million. In 2018, they attacked a crypto assets exchange platform in Japan, stealing $530 million, and also targeted the Central Bank of Malaysia, stealing $390 million.

Since 2017, North Korea has targeted the encryption industry as a primary objective for cyber attacks. Prior to this, North Korea had attacked the SWIFT network and stolen funds from financial institutions, which raised significant concern in the international community and prompted financial institutions to strengthen their cybersecurity defenses.

When Crypto Assets began to go mainstream in 2017, North Korean hackers shifted their focus from traditional finance to this emerging form of digital finance. They initially targeted the South Korean crypto market and later expanded their influence globally.

In 2022, North Korean hackers were accused of stealing approximately $1.7 billion in Crypto Assets, which is equivalent to about 5% of North Korea's domestic economic scale or 45% of its military budget. This figure is also nearly 10 times the total export value of North Korea in 2021.

North Korean hackers' methods of operation in the Crypto Assets industry are often similar to traditional cybercrime, including the use of encryption mixers, cross-chain transactions, and over-the-counter trading. However, with a nation backing them, they are able to scale their thefts to levels that traditional cybercrime gangs cannot reach.

Data shows that in 2022, approximately 44% of stolen crypto assets were related to North Korean hackers. Their targets are not limited to exchanges, but also include individual users, venture capital firms, and other technologies and protocols. All institutions and individuals operating in the crypto industry could potentially become targets.

Experts suggest that everyone working in the encryption industry should be aware of the possibility of becoming a target for hackers. Traditional financial institutions should also closely monitor the activities of North Korean hacker groups. Once Crypto Assets are stolen and converted into fiat currency, the funds are often transferred between different accounts to conceal their origin.

To address these threats, experts recommend that organizations train employees to monitor suspicious activities and implement strong multi-factor authentication, such as passwordless authentication that complies with the FIDO2 standard.

North Korea clearly sees the continuous theft of crypto assets as a major source of income to fund its military and weapons programs. Without stricter regulations, cybersecurity requirements, and investments in the cybersecurity of crypto asset companies, North Korea will almost certainly continue to view the crypto assets industry as a source of additional revenue.

To prevent these attacks, experts recommend taking the following measures:

1. Enable Multi-Factor Authentication (MFA) and use hardware devices to enhance security.
2. Enable all available MFA settings for Crypto Assets exchanges.
3. Verify the authenticity of social media accounts.
4. Verify the legitimacy of transactions, especially airdrops or free promotional activities.
5. Check official sources, especially for activities involving large platforms.
6. Always check the URL to prevent phishing websites.
7. Use hardware wallets to store Crypto Assets.
8. Only use trusted decentralized applications and verify the smart contract addresses.
9. Be wary of deals that seem too good to be true.

By taking these precautions, Crypto Assets users and companies can significantly reduce the risk of becoming targets of North Korean Hacker attacks.