North Korea’s Crypto Heist: $3 Billion Stolen for Weapons Development
On Monday, the United Nations Security Council released a report that proved that, over the past seven years, North Korea has stolen approximately $3 billion through cryptocurrencies. That money was siphoned into the development of weapons of mass destruction (WMDs).
North Korean Hackers’ Targets
According to the report, the main targets of North Korean hackers are crypto companies and wealthy individuals. These cybercriminals use social media to deceive victims. The trick is to create fake profiles of celebrities and professionals, publish fake stories about them, and promote fake websites that contain phishing links to scam the victims.
Expert Insights
David Robinson, co-founder of Internet 2.0 and a former Australian Army Intelligence Officer, spoke of these scams in a recent interview with Sky News.
“Consumers are at a huge risk from North Korean hackers,” David Robinson told me. “They have taken away $3 billion so far, according to the UN.”
Scale of Cyberattacks
The U.N. Security Council sanctions committee reported that it had probed 97 cyberattacks on cryptocurrency companies, carried out between 2017 and 2024, that were supposed to be the work of the North Koreans. The total amount of money meant to be skimmed off was $3.6 billion. The blockchain analysis firm Chainalysis estimated that North Korean cyberattackers stole $400 million in 2021 alone, with the majority of the stolen funds coming from Ethereum (ETH).
Emerging Hacking Techniques
Last May, reports arose that North Korean hackers had created a new malware version called “Durian” to focus on crypto companies in South Korea. A May 9th threat report from the cybersecurity company Kaspersky stated that the North Korean hacking group Kimsuky employed the program in targeted attacks on two South Korean cryptocurrency companies. These attacks took advantage of legitimate security software used only by those firms.
Social Media Fraud
North Korean hackers have been using social networking platforms to spread Ponzi schemes built around cryptocurrencies. Using fake profiles, they circulate information on so-called “crypto dumps”, schemes created to take money from people’s wallets. They also send phishing links embedded in cloud storage databases to workers, who generally give them license to access such content. In this, the scammers follow classic crypto scam practice.
Collaboration with Russia
Since 2021, Russia’s crypto exchanges have been developing a strong operational structure with the help of North Korean hacker groups. Under this cooperation, North Korean hackers transfer their stolen crypto to Russia’s crypto market, which is itself often tracked by international organizations for funds streaming out of the country. The opening of these backchannels and the use of Russian exchanges are confirmed by blockchain analysts at Chainalysis, who admitted to tracking criminals on Russian exchanges passing stolen funds from auto-trading platforms.
According to data tracked by Chainalysis, these groups transfer money through the Russian stock exchanges to a membership account that comes from different platforms. This cooperation underscores the strong bond between North Korean and Russian cybercriminals.