North Korean hackers behind one third of crypto hacks in 2023: Report

A new report by firm TRM Labs reveals that North Korea was responsible for nearly 33% of all hacking incidents in 2023. The report, , estimates that North Korean hackers may have looted up to $700 million worth of crypto in the past year, with $600 million confirmed by TRM Labs’ research. This brings the total amount of crypto stolen by hackers since 2017 to a staggering $3 billion, indicating a surge in cyberattacks on digital assets.

North Korean hackers stole USD 600 million in crypto in 2023, TRM Labs research shows. Read the story now: According to TRM Labs, North Korea employs “constantly evolving” methods of money laundering to evade international law enforcement pressure. The report suggests that the hackers typically compromise users’ private keys or seed phrases, transfer the funds to wallets controlled by North Korean operatives, and then exchange the assets for Tether, a stablecoin pegged to the US dollar.

The report also states that North Korea has been exploring various laundering tools, such as cryptocurrency mixers, which obscure the origin and destination of transactions. After the US Treasury Department imposed sanctions on two popular mixers, Tornado Cash and Sinbad, in 2023, North Korea shifted to other alternatives.

TRM Labs warns that North Korea’s hacking prowess “demands continuous vigilance and innovation from businesses and governments.” Despite notable advancements in cybersecurity among exchanges and increased international collaboration in tracking and recovering stolen funds, the report predicts that 2024 will see further disruption from the world’s most prolific cyber thief.

The report comes after the US Treasury Department, along with its allies in Australia, Japan, and South Korea, imposed sanctions on eight foreign based agents of North Korea and the cyber espionage group Kimsuky in response to the country’s military reconnaissance satellite launch on November 1, 2023.

The report highlights the activities of Kimsuky, a cyber espionage group affiliated with the Reconnaissance General Bureau, which the United Nations and the United States designate. Kimsuky specializes in collecting intelligence on foreign policy, national security, nuclear policy, and sanctions related to the Korean peninsula.

The group mainly uses spear phishing techniques to target individuals working for government organizations, research centers, think tanks, academic institutions, and news media outlets across Europe, Japan, Russia, South Korea, and the United States..