New data from Chainalysis shows that North Korean crypto hackers stole nearly $400 million worth of crypto through cyber attacks in 2021.
On Jan. 13, the blockchain analytics firm released its report on how much cryptocurrency has been stolen. The mix of cryptocurrencies stolen has changed a lot. In 2017, most of the crypto stolen by the DPRK was BTC, but it now makes up only one fifth:
“In 2021, only 20% of the stolen funds were Bitcoin, whereas 22% were either ERC-20 tokens or altcoins. And for the first time ever, Ether accounted for a majority of the funds stolen at 58%.”
Attacks from North Korea (DPRK) in 2021 mostly targeted “investment firms and centralized exchanges,” the report said. The attackers used phishing, malware, and advanced social engineering to steal the funds.
The DPRK is thought to be using stolen cryptocurrency to evade economic sanctions and to help fund nuclear weapons programs, according to a report from the UN Security Council.
Cryptocurrencies around the world face a constant threat from the DPRK, and that threat has become more and more common.
Chainalysis now refers to hackers from the Hermit Kingdom, such as the Lazarus Group, as “advanced persistent threats” (APT).
Three years ago, more than $500 million worth of crypto was stolen. Since then, these threats have been on the rise.
Chainalysis said that the stolen money was carefully moved around.
Chain hopping, the “Peel Chain” method, and a complicated system of coin swaps and mixing are some of the ways the hackers have moved the funds.
More mixers were used in 2021 than in 2019, a three-fold rise.
A “mixer” is a piece of software that lets people hide the source and destination of the coins they send.
Many hackers are now turning to “decentralized trading exchanges” (DEX) because they are permissionless and have plenty of liquidity for people to trade coins as they want.
Chainalysis used the Aug. 19, 2021 hack at Liquid.com, in which $91 million in crypto was stolen, as an example of how DPRK hackers often try to hide their money.
First, ERC-20 coins were traded for Ether (ETH) on decentralized exchanges.
The ETH was then sent to a mixer, where it was mixed with Bitcoin (BTC).
Finally, BTC was sent from the mixer to centralized Asian exchanges as a possible way to cash out.