North Korea Hacks Crypto: More Targets, Lower Gains


North Korea-backed threat actors hacked more crypto platforms than ever in 2023 but stole less of the digital currency in total than in 2022.

Crypto research firm Chainalysis has found that North Korean adversaries stole slightly over $1.0bn in 2023, compared with around $1.7bn in 2022.

The 2022 spike, which set a record of stolen cryptocurrencies from North Korean-aligned threat actors, was primarily due to a prolific heist on decentralized finance (DeFi) products. That year, North Korean hackers stole approximately $1.19bn in DeFi assets, representing 70% of all crypto gains.

Global Drop in DeFi Hacking

In 2023, the global DeFi boon has waned and North Korean hackers gained significantly less from targeting DeFi protocols.

Chainalysis researchers explained that the reason for this new trend is likely twofold. First, DeFi protocol developers and maintainers have improved their operation security (OpSec).

“When examining this trend last year, security experts told us that they believe many DeFi vulnerabilities stemmed from protocol operators focusing primarily on growth, and not enough on implementing and maintaining robust security systems,” reads the Chainalysis report.

The second reason is the value drop in DeFi assets in 2023, which impacted the gains from DeFi hacking globally.

The global value lost in DeFi hacks declined by 63.7% year-over-year in 2023, and the median loss per DeFi hack dropped by 7.4%. And, while the number of individual crypto hacks rose in 2023, the number of DeFi hacks declined by 17.2%. 

This trend is mirrored when examining DeFi hacks coming from North Korean groups, who stole $428.8m from DeFi platforms in 2023, from $1.19bn in 2022.

Read more: Illicit Cryptocurrency Flows Drop 39% in 2023

North Korean Hackers Diversified Their Crypto Targets

To compensate for this loss of income, North Korean hackers diversified their attacks in 2023, adding centralized crypto platforms and crypto wallets (e.g. Atomic Wallet, Alphapo and Coinspaid) to their victim portfolio.

Products You May Like

Articles You May Like

Over 40% of Firms Struggle With Cybersecurity Talent Shortage
New Ivanti Vulnerability Observed as Widespread Security Concerns Grow
PDF Malware on the Rise, Used to Spread WikiLoader, Ursnif and DarkGate
All eyes on AI | Unlocked 403: A cybersecurity podcast
RustDoor macOS Backdoor Targets Cryptocurrency Firms with Fake Job Offers

Leave a Reply

Your email address will not be published. Required fields are marked *