Recently, a confidential United Nations report uncovered the alarming activities of North Korea’s cybercriminal group, the Lazarus Group. This group managed to transfer millions of dollars’ worth of stolen cryptocurrency back to North Korea through various illicit means. One notable incident involved the theft of $147.5 million in cryptocurrency from a prominent crypto exchange owned by TRON founder Justin Sun. The funds were then funneled back to North Korea using a sanctioned crypto mixing service known as Tornado Cash.
The United Nations Security Council (UNSC) sanctions committee has been closely monitoring the activities of North Korean hackers, revealing a staggering 97 suspected cyberattacks on cryptocurrency firms between 2017 and 2024. These attacks amounted to approximately $3.6 billion in stolen funds. Additionally, North Korean IT workers operating abroad have been identified as a significant source of income for the country, as reported by various U.N. member states and private companies.
In a troubling development, Russia reportedly released a portion of frozen North Korean assets and allowed Pyongyang to open an account at a Russian bank in South Ossetia. This move has raised concerns about North Korea’s access to international banking networks and the potential for further illicit financial activities. Furthermore, the Lazarus Group and other North Korean hackers have been involved in high-profile hacks within the cryptocurrency and decentralized finance (DeFi) sectors. Tornado Cash has been identified as a preferred tool for laundering stolen funds.
The escalation of cyberattacks by North Korean hackers poses a significant threat to the cryptocurrency industry and global security. Despite efforts to impose sanctions and crackdown on illicit activities, the total amount of stolen cryptocurrency continues to rise. In 2023, North Korean hackers targeted decentralized finance platforms, stealing a substantial amount of $429 million. Centralized services, exchanges, and wallet providers have also fallen victim to these cybercriminals, with losses amounting to $150 million, $330.9 million, and $127 million, respectively.
The rise of North Korean cybercriminals in the cryptocurrency industry highlights the need for enhanced cybersecurity measures, international cooperation, and regulatory oversight. Without swift action to address this growing threat, the security and stability of the digital assets ecosystem remain at risk.