Victims of North Korea-linked crypto thefts may take some comfort in knowing that connected wallets have plunged in value.
Despite the recent drawdown, the exponential rise in the value of cryptocurrencies over the past decade has made them key targets. Hackers are regularly seeking to obtain cryptocurrencies through hacks and ransomware campaigns.
Fortunately, transactions on most blockchains are easy to track. Wallets connected with North Korean hacking groups like Lazarus have been identified and watched closely for transactions and changes in value.
Lazarus was connected to a hack targeting Axie Infinity’s Ronin bridge. Over $600 million worth of Ethereum was stolen in the attack.
However, that’s far from the first crypto attack by North Korean hackers. Last week, Bloomberg reported that North Korean-backed hackers have stolen as much as $2 billion in crypto over the past decade.
According to Chainalysis, old wallets controlled by North Korea – with funds from hacks between 2017 and 2021 – were worth $170 million at the start of this year. Amid the crypto sell-off, their value has dropped to $65 million.
Stolen funds are bad enough, but what those funds are going on to be used for is arguably even worse.
A recent UN report suggests that North Korea is using stolen crypto funds to pay for its nuclear and ballistic missile programs. The report highlighted the country launched nine missiles in January alone, the largest number it has carried out in a single month.
Another high-profile hack occurred last week that looks increasingly likely to be the work of North Korean hackers.
Harmony’s Horizon bridge was exploited and close to $100 million in cryptocurrencies were stolen. Harmony attempted to communicate with the hacker “with an embedded message in a transaction to the culprit’s address” and offered a $1 million bounty for the return of the funds along with the promise of no criminal charges.
The hacker(s) ignored the message and began laundering funds through Tornado Cash—a “mixer” which breaks the on-chain link between source and destination addresses.
Harmony is now collaborating with the FBI, Chainalysis, and another unnamed blockchain tracing and analysis partner.
Chainalysis claims “the attack vector & high velocity of structured payments to a mixer is similar to previous attacks that were attributed to DPRK-linked actors”.
Want to learn more about blockchain from industry leaders? Check out Blockchain Expo taking place in Amsterdam, California and London.
Explore other upcoming enterprise technology events and webinars powered by TechForge here.