
Topic: North Korean Hackers Stole Nearly $400 Million in Crypto Last Year (Read 250 times)

legendary
Activity: 2576
Merit: 1860
Who knows?

But what you're suggesting is probably more time-consuming and difficult. It's probably a lot easier to steal funds from those unpopular centralized exchanges, fake decentralized platforms, poorly-secured custodial wallets, and whatnot than to create hype.

It's not easy to market a shitcoin, to make it sell. They'll probably just stick to their hacking business. It's where they're experts at. It's where they gained almost $400 million in just a year. Perhaps they only need to expand their operation for a much bigger loot.
sr. member
Activity: 1708
Merit: 299
It appears ethereum and erc-20 tokens are Kim Jong's favorite crypto:

Quote
For the first time since Chainalysis began tracking North Korean cryptocurrency thefts, Bitcoin no longer represents anywhere near the majority of the country's take, accounting for only around 20 percent of the stolen funds. Fully 58 percent of the groups' cryptocurrency gains came instead in the form of stolen ether, the Ethereum network's currency unit. Another 11 percent, around $40 million, came from stolen ERC-20 tokens, a form of crypto asset used to create smart contracts on the Ethereum blockchain.

Bitcoin accounting for only 20% of the funds stolen by north korean hackers sounds like progress is being made.
This is like a normal thing to me, because most of these scams are more likely to come from the ERC 20 tokens and not from Bitcoin. Moreover if you check these days, there are more alternative cryptocurrencies and more that are being released in the market almost every day that passes by, over 10,000 of them currently in the market.

So, it shouldn’t be a surprise that the majority of these scams that have taken place are coming from the altcoin market. Bitcoin is about less than 40% dominance in the market, and altcoin stakes the rest of the market dominance, so you would more likely see scam taking place in the altcoin market than you would see in Bitcoin.
hero member
Activity: 2814
Merit: 911
Have Fun )@@( Stay Safe
It appears ethereum and erc-20 tokens are Kim Jong's favorite crypto:
It may be easier to hack ERC 20 wallets and hence the Kim Jong's army is taking advantage of that loophole and doing their business of looting others as there is no other global trade they are conducting with other countries. North Korea stole $400 million in cryptocurrency last year, what about the overall hacks that happened in the market. I am sure it will be over a billion dollars and some of the hacks were questionable including the Polygon hack.
legendary
Activity: 3500
Merit: 6320
Crypto Swap Exchange
Makes you wonder with all the scams going on in the markets with fake tokens and projects and DeFi and everything else why bother 'stealing'

All you need are a bunch of state sponsored web people to put up a bunch of sites and then to promote them on twitter / facebook / wherever to get some hype and then let the money roll in. No hacking needed. You will have people just lining up to give you money. Would save a lot of time and effort.

I mean has anyone looked at the Token / AltCoin Announcements boards here lately? It really is a cesspool. And people are still lining up to give away their money.

-Dave
full member
Activity: 1820
Merit: 107
That was a clear lapse from those crypto exchanges and I feel pity for them but on the other side, that was easy money for them (North Korean hackers) and I believe that it was an order by the North Korean leader itself, and if those crypto funds were already liquidated it can contribute to the development of their weapons of mass destruction which is not a good thing. Just my opinion!
hero member
Activity: 2268
Merit: 588
You own the pen
This will help Bitcoin or cryptocurrency-related projects to strengthen more their security because people's money is involved here and hackers are anywhere.

That's just how the way it is, whenever internet money is on the line, hackers are involved. No matter what industries we are talking about including Paypal and online banks, hackers will not exclude them, they will steal every money they could if they see any flaw in their security system. That's why the most trusted exchanges nowadays are those who are not prone to hackers or have some strict rules and remedy for it. Just like what we have seen with Binance when they got hacked back then, nowadays they are more trusted than before because people know how strong they are.
hero member
Activity: 2002
Merit: 534
Wow 400 million is a lot of money and since north Korea is a dictatorship we know that Kim has to be directly involved. How is there no international pressure towards North Korea? I hate all types of scammers, but if a government is behind it it's even worse. It's a bit relieving that they don't only target bitcoins and seem to focus more on alt coins, still any theft is wrong. Can't we find a way for North Korea to be blocked from engaging in cryptos? Like will they exchange that 400 million into Chinese yuan or their own currency? If we can track the wallets the hacker used maybe we can get these funds banned from being sold on any exchange.
legendary
Activity: 2534
Merit: 1397
This is another one of the best examples of why there will be more projects will come to cryptocurrency and establish existing one.
This will help Bitcoin or cryptocurrency-related projects to strengthen more their security because people's money is involved here and hackers are anywhere.
This is also another threat to most centralized companies that are related to cryptocurrency, such as exchanges.
sr. member
Activity: 1274
Merit: 293
It's not a lot of money for a country that they target but these cyber attacks funded and endorsed by North Korea is more damaging to infrastructures and documents rather than the money, we don't know what they're going to attack next and we know for a fact that US cyber infrastructure isn't good as WikiLeaks was able to get in it, what more can we expect if it's a rogue state.
member
Activity: 1218
Merit: 49
Binance #Smart World Global Token


Come to think of it... we in the cryptocurrency industry are indirectly funding the illicit activities of the North Korean regime since they are able to get the best hackers sowing chaos in the marketplace by victimizing as many platforms and people as possible. And I think this is not actually exclusive to NoKor because there are also other rogue countries who are doing the same thing since they know that the stake here can be so high, the prize can be so appetizing to anyone which is akin to doing multi-billion operation with so less of a capital needed. And based on what I am seeing now... there seems to be no solid solution to this problem since these hackers can be 2 steps ahead of security providers... maybe we should be hiring these hackers instead.
hero member
Activity: 2338
Merit: 757
Top-tier crypto casino and sportsbook
Quote
A one-man operation means that every mistake is not going to get corrected till something really wrong happens like above, once the guy thinks everything is ok he is not going to check it once more, obviously, with multiple people, the problems might get spotted faster, just how the exchange won't get kaput if the one guy falls ill.
And there is the quadriga example, where one guy held all the keys, and we all know how that ended.
This is so scary idea to think about knowing how many people are using exchanges. I thought this can only happen with gambling platforms which I know few of them running promotion here in bitcointalk are controlled by one or two guys maximum. For an exchange, those details should be revealed at start and also providing a way to check it at any time.
legendary
Activity: 3542
Merit: 1965
Leading Crypto Sports Betting & Casino Platform
I think we are seeing the tip of the Iceberg, because these hackers are so sophisticated. The Chainalysis forensics can surely not follow the coins when it goes into Mixer services, so we know some of the stolen coins are not linked to them.

Mr Kim Jong-un (Rocket Man) is funding all those inter-continental ballistic missile experiments with the stolen Crypto currencies, even under very strict sanctions. I read somewhere that a fleet of 400 missiles will cost around $95.8 billion ..... and the estimates are that the hackers stole about $1.5 billion in cryptocurrency in the last 5 years. (So they can surely fund a couple of experimental rockets with that.... seeing that the experimental rockets do not have nuclear warheads)

https://apnews.com/article/politics-e4b80421be5dba5c5f5a162e55ac0d94
legendary
Activity: 2912
Merit: 6403
Blackjack.fun
"Run by one or Two persons." !!? Really !?

Yup, really!
https://bitcointalksearch.org/topic/--5316404

lol... this guys above didn't know what they talk... unnamend never steals ur money... just one fact.. it's one person behind them all. He has a normal life, perhaps he is working like we all do. All I know, he is working on all problems!
~

A one-man operation means that every mistake is not going to get corrected till something really wrong happens like above, once the guy thinks everything is ok he is not going to check it once more, obviously, with multiple people, the problems might get spotted faster, just how the exchange won't get kaput if the one guy falls ill.
And there is the quadriga example, where one guy held all the keys, and we all know how that ended.





hero member
Activity: 3038
Merit: 617
Articles from other crypto news sites actually thought these hackers are going to consider the cryptocurrency they got from hacking exchanges are going to be a long-term investment as said in this article https://www.banklesstimes.com/2021/12/28/north-korea-has-hacked-1-7-billion-worth-of-cryptocurrency-from-exchanges-considers-it-a-long-term-investment/

But they actually cash out BTC with ease. That's not good. Companies used to hire hackers to keep up with securities as seen in movies, it doesn't seem to be the case now because the incentives they get are more than what a company could provide in hiring them.
copper member
Activity: 246
Merit: 7
buy bitcoin, hodl bitcoin
I don't think these altcoins and ERC-20 tokens are bad, they accelerate the growth and adoption. It's all good.
legendary
Activity: 2576
Merit: 1860
It appears ethereum and erc-20 tokens are Kim Jong's favorite crypto:

Bitcoin accounting for only 20% of the funds stolen by north korean hackers sounds like progress is being made.

I don't think these state-sponsored and most probably China-trained hackers are being choosy in terms of whether their loot is mostly in ETH or ERC-20 tokens or BTC. They're simply looking for soft targets and it so happened that most of what they have are ETH and ERC-20 tokens. The hackers don't probably mind this. They're cashing them out, anyway.

So, I don't think this body of data from Chainalysis is suggesting to stick with Bitcoin and avoid ETH and ERC-20 altcoins. What it's definitely saying is to avoid centralized exchanges and other platforms where there's only a single or a few points of attack and whose funds are under their direct control.
hero member
Activity: 2338
Merit: 757
Top-tier crypto casino and sportsbook
Rather than being of concern for bitcoin popularity these statistics should trigger some serious warnings call to everyone dealing with tokens and leaving them on some exchange run by one or two persons.
"Run by one or Two persons." !!? Really !?
If this can be verified and confirmed, I think it can help more people not to lose their savings. However, this is not the main reason about how we shouldn't stake funds in form of altcoins, as it's also risky if staking them in personal wallets or in trusted exchanges.
legendary
Activity: 2912
Merit: 6403
Blackjack.fun
It's not a matter of Trends imo, it's all about how a thief can cash out his earnings with the minimum of problems.

Exactly.
Tokens are easy to swap, do that a few times and every tracing becomes impossible, plus there are a lot of victims, there are hundreds of exploits in all those rushed protocols, and on all the websites that have popped up lately only to cater for tokens. Most people who are trading with BTC do that on more reliable and established platforms that have tighter security, and in most cases those do secure their main stash of BTC in cold wallets.
Besides, when you deal with BTC you can have one wallet and that's it, when it comes to 1000 shitcoins and exchanges, be ready to have one hundred apps for them, the chances of downloading malware grow exponentially.

Rather than being of concern for bitcoin popularity these statistics should trigger some serious warnings call to everyone dealing with tokens and leaving them on some exchange run by one or two persons.



hero member
Activity: 2744
Merit: 588
The trend nowadays is not in bitcoin alone, but on ETH and ERC20 tokens. People have been swarming these projects like ants finding a food source for the first time. Most of these people are just urged to buy in to crypto, and don't really have sufficient knowledge to carry themselves in this kind of world yet, which makes them easy targets to hackers. Also, the projects these same people support are scams too, which is not really surprising considering how no one really bats an eye whenever a rug pull happens on these projects.

Hackers will always find a way where to get their money.
So if they are seeing that other networks like ETH have valuable amounts and they see their vulnerability.
They will try and try. After all, they are after for the money that they can siphon on these networks.
And they will only cash out if they know it will not be traced back to them. This is why it would take years before they move it.
But are we really sure that they are North Koreans? It means, NK are having sophisticated tools to hack crypto platforms.
hero member
Activity: 2338
Merit: 757
Top-tier crypto casino and sportsbook
Would still continue or making themselves blind until they would lost lots and this is the time they would make out some step in regards with it but for now they are making themselves to look blind with the reality.

Hacking incidents are really that possible to happen yet this had been a problem since this place or market looks like a honey pot since this do involves millions of dollars and once they do succeed on doing that then it would really be easy money for them.

No matter what trend we are in but still these things do exist no matter what.
It's not a matter of Trends imo, it's all about how a thief can cash out his earnings with the minimum of problems.
I am really surprised to see that only 20% of stolen funds were in bitcoin knowing that mixers for bitcoin are a great advantage for hackers to erase all traces. DEFI can also act in the same field but it should be more limited compared to bitcoin and few other coins.
legendary
Activity: 3542
Merit: 1352
The trend nowadays is not in bitcoin alone, but on ETH and ERC20 tokens. People have been swarming these projects like ants finding a food source for the first time. Most of these people are just urged to buy in to crypto, and don't really have sufficient knowledge to carry themselves in this kind of world yet, which makes them easy targets to hackers. Also, the projects these same people support are scams too, which is not really surprising considering how no one really bats an eye whenever a rug pull happens on these projects.
hero member
Activity: 2996
Merit: 609
It is not a surprise, I am still wondering why some people still like DeFi, most ERC20 token scam will be DeFi

https://www.bitcoininsider.org/article/143113/centralization-issues-are-biggest-culprits-defi-attacks-certik

Quote
‘Centralization issues’ are the biggest culprits of DeFi attacks: CertiK

DeFi is one of crypto's biggest growth stories, but it's also riddled with the most controversy. The sector lost $1.3 billion due to exploits in 2021.
Would still continue or making themselves blind until they would lost lots and this is the time they would make out some step in regards with it but for now they are making themselves to look blind with the reality.

Hacking incidents are really that possible to happen yet this had been a problem since this place or market looks like a honey pot since this do involves millions of dollars and once they do succeed on doing that then it would really be easy money for them.

No matter what trend we are in but still these things do exist no matter what.
legendary
Activity: 1106
Merit: 1337
Lightning network is good with small amount of BTC
It is not a surprise, I am still wondering why some people still like DeFi, most ERC20 token scam will be DeFi

https://www.bitcoininsider.org/article/143113/centralization-issues-are-biggest-culprits-defi-attacks-certik

Quote
‘Centralization issues’ are the biggest culprits of DeFi attacks: CertiK

DeFi is one of crypto's biggest growth stories, but it's also riddled with the most controversy. The sector lost $1.3 billion due to exploits in 2021.
legendary
Activity: 2562
Merit: 1441
Quote
The regime had a “banner year,” thanks to skyrocketing cryptocurrency values and a new generation of vulnerable startups.

THE PAST YEAR saw a breathtaking rise in the value of cryptocurrencies like Bitcoin and Ethereum, with Bitcoin gaining 60 percent in value in 2021 and Ethereum spiking 80 percent. So perhaps it's no surprise that the relentless North Korean hackers who feed off that booming crypto economy had a very good year as well.

North Korean hackers stole a total of $395 million worth of crypto coins last year across seven intrusions into cryptocurrency exchanges and investment firms, according to blockchain analysis firm Chainalysis. The nine-figure sum represents a nearly $100 million increase over the previous year's thefts by North Korean hacker groups, and it brings their total haul over the past five years to $1.5 billion in cryptocurrency alone—not including the uncounted hundreds of millions more the country has stolen from the traditional financial system. That hoard of stolen cryptocurrency now contributes significantly to the coffers of Kim Jong-un's totalitarian regime as it seeks to fund itself—and its weapons programs—despite the country's heavily sanctioned, isolated, and ailing economy.

"They've been very successful," says Erin Plante, a senior director of investigations at Chainalysis, whose report calls 2021 a "banner year" for North Korean cryptocurrency thefts. The findings show that North Korea's global, serial robberies have accelerated even in the midst of an attempted law enforcement crackdown; the US Justice Department, for instance, indicted three North Koreans in absentia in February of last year, accusing them of stealing at least $121 million from cryptocurrency businesses along with a slew of other financial crimes. Charges were also brought against a Canadian man who had allegedly helped to launder the funds. But those efforts haven't stopped the hemorrhaging of crypto wealth. "We were excited to see actions against North Korea from law enforcement agencies," Plante says, "yet the threat persists and is growing."

The Chainalysis numbers, based on exchange rates at the time the money was stolen, don't merely point to an appreciation of cryptocurrency's value. The growth in stolen funds also tracks with the number of thefts last year; the seven breaches Chainalysis tracked in 2021 amount to three more than in 2020, though fewer than the 10 successful attacks that North Korean hackers carried out in 2018, when they stole a record $522 million.

For the first time since Chainalysis began tracking North Korean cryptocurrency thefts, Bitcoin no longer represents anywhere near the majority of the country's take, accounting for only around 20 percent of the stolen funds. Fully 58 percent of the groups' cryptocurrency gains came instead in the form of stolen ether, the Ethereum network's currency unit. Another 11 percent, around $40 million, came from stolen ERC-20 tokens, a form of crypto asset used to create smart contracts on the Ethereum blockchain.

Chainalysis's Plante attributes that increased focus on Ethereum-based cryptocurrencies—$272 million in total thefts last year versus $161 million in 2020—to the skyrocketing price of assets in the Ethereum economy, combined with the nascent companies that growth has fostered. "Some of these exchanges and trading platforms are just newer and potentially more vulnerable to these types of intrusions," she says, "They're trading heavily in ether and ERC-20 tokens, and they're just easier targets."

While Chainalysis declined to identify most of the victims of the hacker thefts it tracked last year, its report does blame North Korean hackers for the theft of around $97 million in crypto assets from the Japanese exchange Liquid.com in August, including $45 million in Ethereum tokens. (Liquid.com didn't respond to WIRED's request for comment on its August hacker breach.) Chainalysis says it linked all seven 2021 cryptocurrency hacks to North Korea based on malware samples, hacking infrastructure, and following the stolen money into clusters of blockchain addresses it has identified as controlled by the North Korean hackers.

Chainalysis says the thefts were all carried out by Lazarus, a loose grouping of hackers all widely believed to be working in the service of the North Korean government. But other hacker-tracking firms have pointed out that Lazarus comprises many distinct groups. Security firm Mandiant nonetheless echoes Chainalysis' findings that stealing cryptocurrency has become a priority for virtually all of the North Korean groups it tracks, in addition to whatever other missions they may pursue.

Last year, for instance, two North Korean groups Mandiant calls TEMP.Hermit and Kimsuky both seemed tasked with targeting biomedical and pharmaceutical organizations, likely to steal information related to Covid-19, says Fred Plan, a senior analyst at Mandiant. Yet both groups continued to target cryptocurrency holders throughout the year. "That consistency of financially motivated operations and campaigns continues to be the undercurrent of all these other activities that they had to do in the past year," says Plan.

Even the group Mandiant calls APT38—which has previously focused on more traditional financial intrusions, such as the theft of $110 million from the Mexican financial firm Bancomext and $81 million from Bangladesh's Central Bank—now appears to have turned its sights on cryptocurrency targets. "Almost all of the North Korean groups we track have a finger in the pie of cryptocurrency in some way," Plan says.

One reason the hackers have focused on cryptocurrency over other forms of financial crime is no doubt the relative ease of laundering digital cash. After APT38's Bangladeshi bank heist, for instance, the North Koreans had to enlist Chinese money launderers to gamble its tens of millions at a casino in Manila to prevent investigators from tracking the stolen funds. By contrast, Chainalysis found that the groups have plenty of options to launder its stolen cryptocurrency. They've cashed out their gains through exchanges—largely exploiting ones based in Asia and trading their cryptocurrency for Chinese renminbi—that have less-than-stringent compliance with "know-your-customer" regulations. The groups have often used "mixing" services to obscure the money's origins. And in many cases they've used decentralized exchanges designed to directly connect cryptocurrency traders with no intermediary, often with little in the way of anti-money-laundering rules.

Chainalysis found that the North Koreans have been remarkably patient in cashing out their stolen crypto, often holding onto the funds for years before beginning the laundering process. The hackers, in fact, appear to still be holding on to $170 million in unlaundered cryptocurrency from previous years' thefts, which they'll undoubtedly cash out over time.

All of those hundreds of millions, says Mandiant's Fred Plan, will end up in the accounts of a highly militarized rogue nation that has spent years under severe sanctions. "The North Korean regime has figured out they don't have any other options. They don't have any other real way of engaging with the world or with the economy. But they do have this pretty awesome cyber capability," says Plan. "And they're able to leverage it to bring money into the country."

Until the cryptocurrency industry figures out how to secure itself against those hackers—or to prevent their coins from being laundered and converted into clean bills—the Kim regime's illicit, ethereal revenue stream will only continue to grow.



https://www.wired.com/story/north-korea-cryptocurrency-theft-ethereum/


....


It appears ethereum and erc-20 tokens are Kim Jong's favorite crypto:

Quote
For the first time since Chainalysis began tracking North Korean cryptocurrency thefts, Bitcoin no longer represents anywhere near the majority of the country's take, accounting for only around 20 percent of the stolen funds. Fully 58 percent of the groups' cryptocurrency gains came instead in the form of stolen ether, the Ethereum network's currency unit. Another 11 percent, around $40 million, came from stolen ERC-20 tokens, a form of crypto asset used to create smart contracts on the Ethereum blockchain.

Bitcoin accounting for only 20% of the funds stolen by north korean hackers sounds like progress is being made.
