From January to August 2023, hackers linked to North Korea stole $200 million in cryptocurrencies - about 20% of the total amount of cryptocurrencies stolen this year, according to blockchain analysis firm TRM Labs.
According to the study, the stolen funds are used to finance nuclear weapons programs.
"In recent years, there has been a noticeable increase in the size and scale of cyber attacks against companies linked to cryptocurrency from North Korea. This coincides with an apparent acceleration of the country's nuclear and ballistic missile program," TRM Labs said.
TRM Labs states that North Korea has shifted from "traditional profit-making activities," indicating that the regime may increasingly turn to cyber attacks to finance its weapons proliferation activities.
Separately, blockchain analytics company Chainalysis stated in a February report that "most experts agree that the government of North Korea uses these stolen assets to finance its nuclear programs."
"They need every potential dollar. And this is clearly a much more effective way for North Korea to make money," said Nick Carlsen, an analyst at TRM Labs.
After North Korea's first nuclear test in 2006, the United Nations imposed numerous sanctions on the regime, officially known as the DPRK or the Democratic People's Republic of Korea, for its nuclear and ballistic missile programs.
The sanctions, including restrictions on financial services, natural resources, metals, and weapons, are aimed at limiting North Korea's access to the financing sources necessary to support its nuclear activities.
Last month, the FBI warned a crypto company that hackers linked to North Korea planned to "transfer" $40 million in cryptocurrency. In January, the bureau stated that it continues to "detect and thwart thefts and laundering of North Korean virtual currency used to support North Korean ballistic missile and weapons of mass destruction programs."
"Even if this dollar stolen in cryptocurrency does not directly go towards purchasing any component for the nuclear program, it will free up another dollar to support the regime and its programs," Carlsen said.
Hackers linked to North Korea exploit vulnerabilities in the crypto ecosystem in various ways. Some examples include phishing attacks, supply chain attacks, and infrastructure hacks, including compromising private keys or seed phrases, according to the TRM Labs report.
According to Chainalysis data, 2022 was the most vulnerable year in the history of crypto hacks - about $3.8 billion was stolen from the industry.
In March of last year, the United States accused hackers linked to North Korea of stealing a record amount of crypto assets worth over $600 million from Ronin Bridge in the popular blockchain game Axie Infinity using stolen private keys. Hackers use a so-called blockchain "bridge" that allows users to transfer their digital assets from one crypto network to another.
North Korean hackers posed as recruiters and lured an engineer from the blockchain game firm Sky Mavis into believing in the possibility of working. The victim was sent a document with malware, allowing the criminals to gain access to the engineer's computer and steal over $600 million in cryptocurrency after hacking the game.
"They use social engineering to infiltrate communities. They build relationships and gain access to systems," said Erin Plant, vice president of investigations at Chainalysis.
The U.S. Department of the Treasury's Office of Foreign Assets Control and South Korean authorities have imposed sanctions on several legal and natural persons for helping North Korean IT specialists fraudulently work abroad and launder illegally obtained funds back to North Korea.
Source: CNBC
Comments (0)
There are no comments for now