According to new data from Chainalysis, North Korean hackers stole nearly $ 400 million worth of cryptocurrencies in 2021 through cyber attacks. A report released Thursday by the blockchain analytics firm shows that the type of cryptocurrency stolen has also changed dramatically, according to QuintelGraph. In 2017, almost all of the cryptocurrencies stolen by North Korea were bitcoins, but now they make up only one-fifth of those assets.
In 2021, only 20% of the stolen funds were bitcoins, while 22% were either ERC-20 tokens or altcoins. For the first time, ETH accounted for 58% of the stolen funds.
The report says that the 2021 attacks by North Korea (DPRK) primarily targeted investment companies and centralized exchanges, and used phishing attacks, code abuse, malware, and advanced social engineering to obtain cryptocurrencies.
According to the UN Security Council, North Korea is believed to be using stolen digital currencies to evade economic sanctions and help finance nuclear weapons programs and ballistic missiles.
The threat posed by North Korea to global encryption platforms has always been. Chainalysis now refers to hackers in the Hermit kingdom, including the Lazarus group, as sustained advanced threats. These threats have increased over the past three years in pursuit of the highest record, more than $ 500 million in digital currency theft in 2018.
Chainalysis reported that the stolen cryptocurrencies were carefully laundered. Among the money laundering methods used by North Korean hackers are chain mutation, the “peeling chain” method, and more recently, the complex coin exchange and mixing system.
More than 65% of the stolen funds in 2021 use a mixer, which is three times more than in 2019. Mixer is a software-based privacy system that allows users to hide the source and destination of coins sent. Decentralized exchanges are increasingly preferred by hackers; Because it is unlicensed and provides the user with enough cash to exchange coins.
Chainalysis mentioned the August 19, 2021 hack on Liquid.com; An attack in which $ 91 million worth of digital currency was stolen. The hackers first exchanged ERC-20 coins with ether (ETH) in decentralized exchanges. The ETH was then sent to a mixer and exchanged for bitcoin. Finally, bitcoin was sent to centralized Asian exchanges as a possible Fiat slope from the mixer.