Trending

North Korean hackers stole $400 million in cryptocurrency last year — they're in no rush to cash out

Business Insider US
North Korea-linked hackers stole nearly $400 million in cryptocurrency last year.
Kim Won Jin/AFP/Getty Images
  • After dipping in 2019, the number of North Korean-linked hacks grew in 2020 and 2021.
  • Ether accounted for about 60% of the funds stolen in 2021.
  • Many of these attacks were likely carried out by the Lazarus Group linked to the WannaCry ransomware attack.
  • For more stories go to www.BusinessInsider.co.za.

North Korea stole nearly $400 million worth in cryptocurrency in 2021, making it a "banner year" for the country's cybercriminals, according to blockchain analysis firm Chainalysis.

The attacks were targeted at investment firms and centralised exchanges, Chainalysis said in a report released on Thursday. Ether accounted for about 60% of the funds stolen last year, while bitcoin made up just 20% of the pilfered cryptocurrencies.

"Once North Korea gained custody of the funds, they began a careful laundering process to cover up and cash out," said the report.

After dipping in 2019, the number of North Korean-linked hacks grew in 2020 and 2021, with the value extracted from these hacks growing by 40%, Chainalysis noted.

Many of these attacks were likely carried out by the Lazarus Group, which is linked to the WannaCry ransomware attack in 2017 and another major attack on Sony Pictures in 2014.

But the group has since concentrated its efforts on cryptocurrency crime, stealing and laundering virtual currencies over $200 million in value each year, said Chainalysis.

Chainalysis also identified $170 million in current balances that are controlled by North Korea but have yet to be laundered — one-third or $55 million of the amount was from attacks carried out in 2016, "meaning that DPRK has massive unlaundered balances as much as six years old," referring to the country by its official name, the Democratic People's Republic of Korea.

"It's unclear why the hackers would still be sitting on these funds, but it could be that they are hoping law enforcement interest in the cases will die down, so they can cash out without being watched," said Chainalysis.

"Whatever the reason may be, the length of time that DPRK is willing to hold on to these funds is illuminating, because it suggests a careful plan, not a desperate and hasty one," the analysis firm added.

The United Nations said North Korea-linked hackers stole $316 million in 2020 to support the country's faltering economy and fund its nuclear weapons programme.

North Korea has routinely denied hacking allegations.

Get the best of our site emailed to you every weekday.


Go to the Business Insider front page for more stories.

Rand - Dollar
16.41
-1.3%
Rand - Pound
19.81
-0.9%
Rand - Euro
16.70
-0.5%
Rand - Aus dollar
11.58
-0.5%
Rand - Yen
0.12
-1.5%
Gold
1,779.86
-1.2%
Silver
20.30
-2.5%
Palladium
2,179.00
-2.2%
Platinum
938.50
-2.9%
Brent Crude
98.15
-1.5%
Top 40
64,022
+0.0%
All Share
70,741
+0.0%
Resource 10
63,315
-1.1%
Industrial 25
86,967
+0.5%
Financial 15
16,154
+0.6%
All JSE data delayed by at least 15 minutes Iress logo