Key takeaways:
- North Korea’s Lazarus Group Emerges as a Cybersecurity Menace, Pilfering $600 Million in Crypto.
- Despite the huge losses, crypto hacks were down in 2023 compared with previous years.

In a year marred by significant cybersecurity incidents, North Korea (DPRK) has solidified its position as a formidable player in digital theft through the activities of the highly sophisticated Lazarus group.
Accused of orchestrating cryptocurrency hacks amounting to a staggering $600 million in 2023, according to CertiK, the Democratic People’s Republic of Korea (DPRK) has become a prominent actor in the escalating realm of high-stakes cybercrime.
DPRK hackers, operating under the banner of the Lazarus group, have reportedly pilfered approximately $3 billion worth of cryptocurrency since 2017.
This signals a significant uptick in the country’s attacks involving digital assets, with a notable surge recorded in the past year. CertiK’s research highlights the evolving methods employed by DPRK for money laundering, continually adapting to evade international law enforcement pressure.
According to CertiK’s findings, DPRK hackers typically compromise users’ private keys or seed phrases, facilitating the unauthorized transfer of funds to DPRK-controlled wallets. Subsequently, the ill-gotten assets are often swapped for Tether, adding a layer of complexity to tracking and recovering stolen funds.
Recognizing the escalating threat posed by North Korea’s cyber activities, the United States, South Korea, and Japan have collectively introduced groundbreaking initiatives aimed at addressing cyber threats, cryptocurrency abuses, and space launches.
Despite these efforts, the new report indicates that the DPRK was responsible for almost one-third of all funds stolen in crypto attacks last year, even though that total represents a 30% reduction from the staggering $850 million haul in 2022.
Hacks attributed to the DPRK prove to be, on average, ten times as damaging as those not linked to North Korea. The cumulative loss of nearly $3 billion to Pyongyang-linked threat actors since 2017 underscores the severity of the situation.
The ever-evolving money laundering methods employed by DPRK demand continuous vigilance and innovation from businesses and governments, according to TRM Labs.
As U.S. sanctions and enforcement actions targeted Tornado Cash and ChipMixer, the DPRK adeptly pivoted to another mixer, the BTC service Sinbad, showcasing the adaptability and resilience of North Korea’s cyber operations.
Despite advancements in cybersecurity among exchanges and increased international collaboration in tracking and recovering stolen funds, the forecast for 2024 suggests that the world may witness further disruptions from one of the most prolific cyber threats on the global stage.