North Korean hackers stole almost $400m (£291m) worth of digital assets in at least seven attacks on cryptocurrency platforms last year, a report claims.
According to Chainalysis, it was one of the most successful years on record for cybercriminals in the closed East Asian state.
The attacks were primarily directed at investment firms and centralised exchanges.
North Korea has routinely denied involvement in hacking attacks blamed on it.
“From 2020 to 2021, the number of North Korean-linked hacks jumped from four to seven, and the value extracted from these hacks grew by 40%,” Chainalysis said in a report.
According to the company, the hackers used a variety of techniques, including phishing lures, code exploits, and malware, to syphon funds from the organisations’ “hot” wallets and then move them to North Korean-controlled addresses.
Cryptocurrency hot wallets are vulnerable to hacking because they are connected to the internet and the cryptocurrency network. They are used to send and receive cryptocurrency and to see how many tokens a user has.
Many experts recommend transferring large amounts of cryptocurrency that are not needed on a daily basis to “cold” wallets, which are disconnected from the internet.
According to Chainalysis, many of last year’s attacks were likely carried out by the so-called Lazarus Group, a hacking group sanctioned by the US.
The group is thought to be under the control of North Korea’s main intelligence agency, the Reconnaissance General Bureau.
The Lazarus Group has previously been accused of involvement in the “WannaCry” ransomware attacks, the hacking of international banks and customer accounts, and the cyber-attacks on Sony Pictures in 2014.
“Once North Korea obtained custody of the funds, they began a careful laundering process to cover up and cash out,” according to the report on last year’s cyber attacks.
A UN panel that monitors North Korean sanctions has accused Pyongyang of using stolen funds to support its nuclear and ballistic missile programmes in order to avoid international sanctions.
Separately, the US charged three North Korean computer programmers in February of last year with a massive hacking spree aimed at stealing more than $1.3 billion in money and cryptocurrency.
According to the Department of Justice, the cyber attacks targeted businesses ranging from banks to Hollywood film studios.