According to blockchain research firm Chainalysis, North Korean hackers carried out at least seven attacks on cryptocurrency platforms in 2021, stealing about $400 million worth of assets.
The company says that from 2020 to 2021, the number of attacks linked to North Korean hackers increased from four to seven, and criminal proceeds increased by 40%. After gaining access to cryptocurrencies, the attackers began carefully laundering and transferring funds into traditional assets.
Although some politicians have accused the North Korean authorities of using such funds to support nuclear weapons and ballistic missile programs, the country itself has not commented on such allegations, but previously issued a statement denying involvement in hacking.
The chain analysis could not determine all attack targets. It is understood that investment companies and centralized exchange services have become the main victims. The hackers reportedly used phishing, software vulnerabilities, malware and social engineering to gain access to other people’s assets and withdraw funds. It is also claimed that many of the attacks are being carried out by hackers linked to the DPRK’s main intelligence agency.
According to Chainalysis, it was able to identify approximately $170 million worth of old, “unwashed” stolen assets obtained as a result of 49 separate attacks from 2017 to 2021. It is still unknown why the people or organizations behind their theft didn’t launder them and convert them into cash at the time. The company intends to inform the intelligence agencies about these funds before the funds are spent.