North Korean hackers sent millions in stolen cryptocurrency via Tornado Cash last year, a UN report shows.
A confidential United Nations report obtained by Reuters shows that since last year, the notorious North Korean cybercrime group Lazarus Group has transferred millions in stolen cryptocurrency back to the Asian country.
In March 2023, a North Korean hacker group illegally stole $14,750 worth of cryptocurrency from the HTX exchange, owned by Tron founder Justin Sun. A year later, they used the sanctioned crypto mixer Tornado Cash to transfer the funds into the closed country.
Cyberattacks from North Korean hacker gangs
Monitors told a United Nations Security Council (UNSC) sanctions committee they have been investigating 97 suspected North Korean cyberattacks on cryptocurrency companies worth about $3.6 billion between 2017 and 2024, according to a report submitted last week.
The monitors also reported that North Korean IT workers abroad earn a significant income for their country, based on information from UN member states and private companies. They are also investigating a February 6 New York Times report claiming that Russia has unfrozen $9 million of North Korea's $30 million in assets and allowed Pyongyang to open accounts in Russian banks in South Ossetia, giving it easier access to international banking networks.
The Lazarus Group and other North Korean hackers have executed some of the most profitable hacks in the cryptocurrency and DeFi space, and Tornado Cash has been their mixer of choice.
In 2022, the United States imposed sanctions on Tornado Cash for accusing it of assisting North Korea, and in 2023, two of the platform’s co-founders were indicted for helping to launder more than $1 billion, including aiding a North Korean-linked cybercrime organization.
North Korea Diversifies Targets in $1 Billion Crypto Theft
A report released earlier by the United Nations Security Council (UNSC) revealed that 50% of North Korea's foreign exchange income comes from cyber attacks. The country has expanded its attack targets on cryptocurrency platforms in 2023, with an unprecedented number of attacks.
However, according to Chainalysis’ analysis, the total amount stolen actually decreased compared to 2022. Still, the number of hacks reached a record high of 20, which coincided with a generally sluggish period in the cryptocurrency market.
In 2023, a blockchain analysis company predicts that the total value of stolen cryptocurrencies will be slightly over $1 billion. Notably, North Korean hackers focused on decentralized finance (DeFi) platforms, stealing about $429 million from them. In addition, they also attacked centralized services, exchanges, and wallet service providers, stealing $150 million, $330.9 million, and $127 million, respectively.
Conclusion:
A confidential UN report reveals the cyberattacks of the North Korean Lazarus Group, a major threat to the cryptocurrency and DeFi sectors in particular. Despite facing sanctions, the group continues to transfer large amounts of stolen funds through mixers such as Tornado Cash. In 2023, although the total losses decreased from the previous year, the activities of North Korean hackers still led to a record number of cryptocurrency thefts.
In the future, as regulatory policies are gradually improved and international cooperation is strengthened, we expect to be able to deal with cybercrime more effectively and protect the security and stability of the cryptocurrency sector. This requires global efforts to build a more secure, transparent and standardized cryptocurrency ecosystem. #LazarusGroup #朝鲜黑客 #UNSC
