North Korean Hackers Stole Nearly $400 Million in 2021: Chainalysis Reports

A recent report by blockchain forensics company Chainalysis stated that cybercriminals in North Korea stole bitcoin and Ether, worth almost $400 million but still have millions worth of stolen cryptocurrency funds unlaundered.

Almost $400 Million Theft Recorded in 2021

The Chainalysis report published January 13, 2022, stated that the funds were stolen following attacks on a minimum of seven crypto exchanges. Also, the company believes most of the attacks were possibly conducted by the infamous cybercriminal organization known as the Lazarus Group.

According to the blockchain forensics firm, the number of North Korean-affiliated hacks rose from four in 2020 to seven in 2021. Also, the value of the hack increased 40%, with Chainalysis calling 2021 a “banner year” for these perpetrators, considering the price performance of Bitcoin and Ethereum.

The hackers employed methods such as code exploits, phishing, malware, advanced social engineering, and code exploits to steal funds from exchanges with porous security systems.

Interestingly, bitcoin accounted for less than a quarter of the stolen funds, with 20% of BTC stolen in 2021 when measuring the dollar value. Meanwhile, Ether made up more than half of the total loot with 58%, while other altcoins and ERC-20 tokens made up 22%.

North Korean Hackers Prefer Mixers to Launder Funds

Describing the laundering process, Chainalysis said the cybercriminals first swapped ERC-20 tokens and other altcoins for ETH via a decentralized exchange. The Ether then goes through a mixer, a software service that obfuscates the source of crypto transactions, thereby making coins difficult to trace, which be swapped for Bitcoin.

The BTC is also mixed and consolidated into a new wallet. The hackers then send the Bitcoin to deposit addresses at exchanges that enable crypto to fiat conversion and are based in Asia.

Per Chainalysis observation, the North Korean cybercriminals seemed to favor the use of mixers. According to the report, more than 65% of the stolen funds were laundered via mixers in 2021. This is a significant increase from 21% in 2019 and 42% in 2020.

$170 Million Worth of Crypto Still Unlandered

Interestingly, it seemed that the perpetrators did not launder all its ill-gotten funds. Chainalysis noted that about $170 million worth of cryptocurrency remained unlaundered. The amount was gathered from 49 separate hacks from 2017 to 2021. Meanwhile, $55 million from the total holdings came from attacks back in 2016.

Part of the report said:

“It's unclear why the hackers would still be sitting on these funds, but it could be that they are hoping law enforcement interest in the cases will die down, so they can cash out without being watched.”

Meanwhile, Chainalysis stated that the activities of North Korea and its hackers posed a threat to the cryptocurrency industry.

“These behaviors, put together, paint a portrait of a nation that supports cryptocurrency-enabled crime on a massive scale. Systematic and sophisticated, North Koreas government—be it through the Lazarus Group or its other criminal syndicates—has cemented itself as an advanced persistent threat to the cryptocurrency industry in 2021.”

As previously reported back in February 2021, a U.S. court charged three North Korean computer programmers with stealing $1.3 billion in cash and crypto.

The forensics company, however, believed that blockchain analytics tools, criminal investigators, and hack victims can be useful in curbing crypto crime and bringing rogue actors to book.

For more blockchain news, please download WikiBit - the Global Blockchain Regulatory Inquiry APP.