North Korean hackers steal $497M in crypto from US businesses
Since 2017, the North Korea-backed hackers stole $721 million from Japan — equating to 30% of their illicit wealth.
North Korean hackers have stolen $497 million in cryptocurrencies from U.S. businesses since 2017, according to a Nikkei-sponsored Elliptic analysis.
The Elliptic analysis focused on businesses whose cryptocurrencies were transferred to wallets connected to North Korea’s state-sponsored Lazarus Group — a group notoriously behind the exploitation of several DeFi projects.
The United Nations and the U.S. government have severally highlighted how the Asian country backs cybercrime to fund its missile program. A UN report claimed that hackers in the country stole over $1 billion in crypto assets in 2022, more than double in 2021.
Earlier today, an official of the U.S. Department of Justice (DOJ), Eun Young Choi, said the federal agency was increasing its scrutiny of DeFi exploiters because of the prevalence of North Korea-backed hackers in these activities.
Meanwhile, the Nikkei-sponsored analysis showed that the state-sponsored hackers also focused their activities on other countries like Japan, Vietnam, and Hong Kong.
North Korean hackers have stolen $2.3B
According to the analysis, the hackers stole $2.3 billion in crypto assets from businesses worldwide over the last five years.
Japan is a major target for these hackers as they stole $721 billion from firms in the country — equating to 30% of their illicit wealth. It is followed by Vietnam, where they stole $540 million and $281 million from Hong Kong.
The study found that the hackers relied on ransomware payments and hacking to get their illicit funds. In some cases, they stole directly from crypto exchanges or exploited the vulnerability in cross-chain DeFi projects like Horizon. There were also instances where they hacked businesses’ data and forced them to pay ransom in cryptocurrencies.
Meanwhile, the hackers appear to focus on Japan and Vietnam crypto exchanges due to their poor security. Elliptic reported that North Korean hackers hacked at least three exchanges in Japan between 2018 and 2021.