The Hackers Responsible for a Third of Crypto Hacks in 2023

A new report by TRM Labs reveals the culprits responsible for nearly 33% of all cryptocurrencies stolen through hacking incidents in 2023 – North Korea.

The report estimates that North Korean hackers looted up to $700 million worth of crypto in the past year alone, bringing the total amount of crypto stolen by hackers since 2017 to $3 billion, which indicates a surge in cyberattacks on digital assets.

TRM Labs reports that North Korea’s methods of money laundering are “constantly evolving” to evade international law enforcement and suggests that the hackers usually steal users’ private keys, transfer the funds to wallets controlled by North Korean operatives, and then exchange the assets for “Tether” (a stablecoin pegged to the US dollar).

According to Interesting Engineering, North Korea has been exploring many different laundering tools, like cryptocurrency mixers that obscure the origin and destination of transactions. Nevertheless, following sanctions imposed on two popular mixers by the US Treasury Department (Tornado Cash and Sinbad), the criminals moved to other alternatives.

TRM Labs warns that North Korea’s hacking expertise “demands continuous vigilance and innovation from businesses and governments,” and predicts that despite notable advancements in cybersecurity among exchanges and increased international collaboration in tracking and recovering stolen funds, 2024 is likely to see further disruption from this cyber-thief.

This report comes after the US Treasury Department (along with allies in Australia, Japan, and South Korea) imposed sanctions on eight foreign-based agents of North Korea and the cyber espionage group “Kimsuky” in response to the country’s military reconnaissance satellite launch in November of 2023.

The Kimsuky group specializes in collecting intelligence on foreign policy, national security, nuclear policy, and sanctions related to the Korean peninsula. Reportedly, it mainly uses spear-phishing techniques to target individuals working for government organizations, research centers, think tanks, academic institutions, and news media outlets across Europe, Japan, Russia, South Korea, and the United States.