Report: North Korea-Sponsored Hacks Comprise 65 Percent of Total Crypto Stolen

Published at: Oct. 19, 2018

Hacker group “Lazarus,” reportedly funded by North Korea, has stolen a staggering $571 million in cryptocurrencies since early 2017, a study conducted by cybercrime company Group-IB reveals. Key takeaways from the study were published Tuesday, Oct. 16, alongside the full annual report, entitled “Hi-Tech Crime Trends.”

The report, dedicated to hacks in 2017 and 2018, identifies the allegedly state-sponsored hacker group Lazarus as responsible for $571 million of the $882 million total in crypto that was stolen from online exchanges during the studied time period; almost 65 percent of the total sum.   

Out of fourteen separate exchange breaches, five have been attributed to the group, among them the industry record-breaking $532 million NEM hack of Japan’s Coincheck this January.

The report states that hackers target cryptocurrency exchanges using mostly “traditional” methods, including spear phishing, social engineering, and malware:

“After the local network is successfully compromised [through downloaded malware], the hackers browse the local network to find work stations and servers used working with private cryptocurrency wallets.”

The report, which also includes a cybercrime forecast, predicts the number of attacks on exchanges to increase in future, as an alternative to traditional targets such as banks.

Group-IB further indicates that Initial Coin Offering (ICO) platforms are prime targets for hackers, revealing that 10 percent of total funds raised from token sales in 2017–2018 were stolen. A majority of illicit activity targeting ICOs was reportedly conducted through phishing methods, with Group-IB estimating that large phishing groups have the capacity to steal around $1 million a month.

Additionally, Group-IB suggests that mining pools could prove an easy target for 51 percent attacks by state-sponsored hackers. Attempts at such attacks, albeit with limited success, are said to already be on the rise.

U.S. experts have previously alleged that North Korea is "increasingly" turning to crypto as a tactic to circumvent sanctions, claiming that the country’s government is hiring people to “launder” cryptocurrencies via multiple wallets and exchanges, as well as so-called mixing services, with the aim of obtaining sanction-free U.S. dollars.

Tags
Bitcoin
Cryptocurrencies
Hackers
Crimes
North Korea
Related Posts
Revealed: How North Korean hackers launder stolen crypto
British multinational security company BAE Systems and the Society for Worldwide Interbank Financial Telecommunication, or SWIFT, have published a report revealing how cybercriminals launder cryptocurrency. According to the study Follow the Money money laundering cases via crypto are still relatively small compared to the huge volumes of cash laundered through traditional methods like wire transfers. But there are some notable examples and the report goes in-depth into the money laundering methods employed by Lazarus Group, a well-known hacking gang sponsored by the North Korean regime. Lazarus typically steals the crypto funds from an exchange and then starts to pass transactions …
Technology / Sept. 4, 2020
North Korea’s Crypto Extortion Efforts Have Expanded Considerably in 2020
A group of hackers associated with the North Korean regime have kept their crypto extortion efforts alive in 2020. A group of North Korean hackers operating under the name “Lazarus” targeted several crypto exchanges last year, according to a report published by Chainalysis. One of the attacks involved the creation of a fake trading bot which was offered to employees of the DragonEx exchange. Findings show that in March 2019, the hackers stole approximately $7 million in various cryptocurrencies from the Singapore-based exchange. Cybersecurity vendor Cyfirma warned in June about a massive crypto phishing campaign that could be launched by …
Bitcoin / July 28, 2020
Digital intelligence must overcome challenges to solving crypto crimes
While the value of cryptocurrencies has varied wildly in the last year, this has not diminished crypto’s attractiveness to criminals. Many of them are moving their illegal activities underground and outside the view of law enforcement. Because of the public nature of most blockchains, however, this rapid movement shouldn’t be a major concern to law enforcement agencies. With the right tools and training, following the proceeds of crypto-enabled crime is actually not as difficult as it may seem. However, intelligence agencies must have a cryptocurrency investigation plan that includes the right tools to lawfully collect digital evidence and the properly …
Technology / Aug. 20, 2021
Kim Jong Un May Be Using Stolen Crypto to Offset Economic Fallout
North Korean leader, Kim Jong-un, is reportedly backing a group of hackers. Their goal? Stealing cryptocurrencies like Bitcoin (BTC) using phishing scams. Sources indicate that the country has ramped up these efforts in an attempt to prevent a financial meltdown amid the COVID-19 crisis. A report published on May 13 by the U.K. Mirror claims that the Lazarus group, a hacking syndicate with alleged ties to the North Korean state, could be launching a cybercrime campaign of advanced persistent threat, or APT, attacks. Experts from Seoul-based firm, ESTsecurity, state that Lazarus is “increasingly engaging” in cybercrime activities in and out …
Bitcoin / May 14, 2020
Crypto Exchange Hack Losses Already 250% Higher Than 2017, Q3 Report Shows
Losses caused by cryptocurrency exchange hacks hit $927 million in the first nine months of 2018, already 250 percent higher than throughout all of 2017, Reuters India reports October 10. Reuters cites a Crypto Anti-Money-Laundering (AML) report for Q3 2018 from crypto intelligence firm CipherTrace, which pitted the $927 million figure against last year’s $266 million total. According to the report, “smaller” thefts of crypto worth between $20-60 million are also steadily rising, hitting $173 million in the third quarter. Reuters interviewed CipherTrace CEO Dave Jevans, who is also chairman of the global anti-cybercrime organization, the Anti-Phishing Working Group. Jevans …
Bitcoin / Oct. 10, 2018