A recent confidential United Nations report has shed light on the activities of North Korea’s cybercriminal group, the Lazarus Group. This notorious group managed to transfer a substantial amount of stolen cryptocurrency, totaling millions of dollars, back to the isolated Asian country in the previous year. The report specifically highlights an incident in March 2023, where North Korean hackers made off with a staggering $147.5 million worth of cryptocurrency from HTX, a crypto exchange owned by TRON founder Justin Sun. One year later, these ill-gotten funds were covertly funneled back into North Korea using the sanctioned crypto mixer, Tornado Cash.
According to the report submitted to the United Nations Security Council (UNSC) sanctions committee, monitors have been diligently investigating 97 suspected cyberattacks on cryptocurrency firms attributed to North Korea between 2017 and 2024. The estimated value of these attacks is staggering, reaching approximately $3.6 billion. Additionally, the report revealed that North Korean IT workers based abroad are able to generate substantial income for their country, drawing on information provided by U.N. member states and private companies.
The monitors also expressed concerns around a recent New York Times report from February 6, 2023, which alleged that Russia had released $9 million of frozen North Korean assets out of a total of $30 million. Russia purportedly allowed Pyongyang to open an account at a bank in South Ossetia, leading to improved access to international banking networks. This development raises further alarm about the financial networks that North Korea can potentially leverage for illicit activities.
North Korean cybercriminals, including the Lazarus Group, have a well-documented history of executing highly profitable hacks in the crypto and DeFi sectors. Tornado Cash, a notorious crypto tumbler, has been their tool of choice for money laundering. Despite facing sanctions from the U.S. in 2022 and legal actions against its co-founders in 2023, Tornado Cash remains a valuable asset for North Korean hackers.
The Future of North Korean Cybercrime
As the UN report indicates, North Korea heavily relies on cyberattacks to sustain its economy, with 50% of its foreign exchange earnings coming from such illicit activities. Despite a decrease in the total amount stolen in 2023 compared to the previous year, the number of hacks reached a record high of 20. This spike coincided with a general downturn in the crypto market, highlighting the resilience and adaptability of North Korean cybercriminals. Focus on DeFi platforms resulted in a substantial sum of $429 million being stolen, while centralized services, exchanges, and wallet providers were also prime targets, with losses amounting to $150 million, $330.9 million, and $127 million respectively.
The relentless pursuit of stolen funds and the sophisticated tactics employed by North Korean cybercriminals pose a significant threat to the security and stability of the global financial ecosystem. As regulators and cybersecurity experts continue to monitor these activities, it is crucial for the international community to remain vigilant and collaborate on strategies to combat this persistent menace.
Leave a Reply