Blockchain intelligence firm TRM Labs revealed that hacker groups affiliated with the North Korean government were responsible for stealing cryptocurrency assets worth US$600 million in 2023.
The report also stated the amount of stolen cryptocurrency assets may increase to around $700 million if experts can confirm the role of North Korean hackers behind recent hacks in Orbit Chain on December 31, 2023.
Although the total amount of stolen cryptocurrency assets in 2023 has reduced from $850 million in 2022, the stolen $600 million crypto assets still prove the potential increase of crypto heist threats posed by North Korean hackers in recent years.
North Korea-affiliated hackers perform almost all of their attacks by compromising private keys and seed phrases and transferring the victims’ digital assets to the hackers’ wallet addresses. The hackers then swapped most of these assets for USDT or Tron and converted them into hard currency via high-volume OTC brokers.
Reliance on crypto mixer platforms
North Korea’s cybercrime attacks against individuals, institutions and corporations are part of its workaround against international economic sanctions. The country resorted to cybercrime as a venture to garner profit from illicit cybercrime attacks.
North Korean hacker groups previously relied on crypto obfuscation platforms like ChipMixer and Tornado Cash before the German and U.S. governments rendered these platforms inactive in 2023 and 2022.
North Korean hackers then switched to the crypto mixer platform Sinbad to launder stolen digital assets and obfuscate transactions. The U.S. and Dutch authorities eventually sanctioned and seized Sinbad in late November 2023 due to its alleged role as North Korea’s notorious Lazarus Group’s “key money-laundering tool.”
After shutdowns of multiple crypto mixer platforms North Korean hacker groups allegedly used, the TRM report said they continue searching for alternative laundering tools to continue attacks against crypto asset owners.
Although institutions, corporations and legitimate crypto platforms continue reinforcing digital security as a bulwark against cybercrime actors, experts predict North Korean hacker groups will continue attacking digital financial platforms to accumulate profit via illicit means.