A recent report from the United Nations sheds light on North Korea’s extensive involvement in cyberattacks, with a particular focus on targeting cryptocurrency firms amidst sanctions enforcement and nuclear concerns.
The United Nations Security Council recently published a report revealing North Korea’s increasing engagement in cyberattacks, which now make up nearly half of its foreign currency earnings. Investigations are ongoing, but the report highlights that North Korea has already generated approximately $3 billion due to inadequate security measures in crypto-related entities such as protocols and companies.
While the report is not legally binding, it could prompt the Security Council and member states to impose new sanctions on entities or individuals found to be in violation. It also underscores that around 40% of funds for weapons of mass destruction development were acquired through cyberattacks. Recent targets of these operations include defense-related companies, with a rise in the sharing of infrastructure and tools among hackers associated with the Reconnaissance General Bureau, North Korea’s primary foreign intelligence service.
Despite efforts to enforce economic sanctions aimed at restricting financial flows to North Korea and controlling imports and exports, cybercriminals linked to the country continue to target the cryptocurrency market. In 2023, hackers affiliated with North Korea stole almost $430 million from decentralized finance (defi) platforms and also attacked centralized services, exchanges, and wallet providers. Data from blockchain forensics firm Chainalysis reveals that hacking groups Kimsuky and Lazarus Group executed 20 successful attacks on various platforms, resulting in around $1 billion worth of stolen crypto in 2023. This marks a 41.7% decrease in stolen funds compared to 2022.
“While the total amount stolen from crypto platforms decreased significantly in 2023, it is evident that attackers are becoming more sophisticated and diverse in their tactics,” stated Chainalysis. Last year, hackers only managed to take $1.1 billion from smart contracts, indicating a 63.7% year-over-year decrease in the total value stolen from decentralized finance. Experts attribute this decline to the enhanced security measures implemented in defi protocols.