North Korean hackers are accused of stealing more than $1.3 billion in cryptocurrency in 2024, double the amount in 2023, accounting for 61% of the total amount of cryptocurrency stolen globally.

According to the latest report from blockchain analysis firm Chainalysis released on December 19, hacker groups linked to North Korea stole a record amount of cryptocurrencies of more than $1.3 billion in 2024.

The figure is nearly double the $660 million stolen in 2023 and accounts for about 61% of the $2.2 billion in cryptocurrency stolen globally this year. The report shows a significant increase in both the frequency and scale of attacks, indicating the growing sophistication of North Korean hacker groups.

Chainalysis recorded 47 separate attacks attributed to North Korea in 2024. Notably, the number of large attacks, with values ​​ranging from $50 million to $100 million, and even exceeding $100 million, increased sharply compared to 2023.

This is in stark contrast to the previous two years, when each attack typically generated less than $50 million in profits. Chainalysis said this suggests that North Korean hacker groups are “becoming more proficient and faster at executing large-scale attacks.”

Amount of cryptocurrency stolen by North Korean hackers from 2016 to 2024. Source: Chainalysis Targets and attack methods

Cryptocurrency and blockchain companies continue to be the primary targets of these attacks. The report did not provide specific details on the attack methods used, but previous reports from Chainalysis and other cybersecurity firms have shown that North Korean hacker groups often use sophisticated techniques, including phishing, exploits, and supply chain attacks.

The US government has repeatedly imposed sanctions on individuals and entities involved in North Korean money laundering, citing cryptocurrency thefts by these hacker groups.

The surge in attack activity in the first half of 2024 contributed significantly to the record loss figure. However, Chainalysis also noted a significant decline in activity from North Korean hacker groups in Q3 and Q4 2024. Although this coincided with Russian President Vladimir Putin's visit to Pyongyang, Chainalysis cautioned that it was too early to draw a definitive connection between the two events.

The company also noted that attack activity could pick up again later in the year, as hackers typically ramp up their activity during the holidays. One theory is that North Korea may have reduced its reliance on cryptocurrency theft after strengthening its political and military ties with Russia. However, this remains a theory and requires more time to verify.

In general, the total value of stolen cryptocurrencies globally in 2024 will reach $2.2 billion, up 21% from 2023 but still significantly lower than the $3.7 billion in 2022.

Chainalysis’ report found that decentralized finance (DeFi) platforms were the main targets in Q1 2024, while centralized services were the top targets in Q2 and Q3. Examples include the attack on the BingX exchange in September, which caused a loss of about $44 million, and the attack on the Indian exchange WazirX in July, which caused a loss of up to $235 million.