North Korean Hackers Stole Nearly $400 Million of Cryptocurrency in 2021

Cryptocurrencies on a computer keyboard.

North Korea-based hackers managed to steal a considerable amount of money from the crypto exchanges. (Image: Volodymyr Shtun via Dreamstime)

In 2021, the value of crypto coins like Ethereum and Bitcoin rose sharply, luring thousands of investors worldwide. Unfortunately, North Korean hackers also noticed the rise in value.

Fake or scam crypto projects duping people of their money have made headlines in the last few years. Moreover, the cryptocurrency exchanges are not as safe as they are said to be as hackers are devising new ways to break through the defense of exchanges to steal cryptocurrency.

Subscribe to our Newsletter!

Receive selected content straight into your inbox.

2021 was a banner year for North Korean hackers

North Korea-based hackers managed to steal a considerable amount of money from the crypto exchanges. The finding comes from Chainalysis, a Blockchain analysis firm. It says the North Korean hackers stole crypto coins worth US$395 million in 2021.

The nine-figure sum represents a nearly US$100 million increase over the previous year’s thefts by North Korean hacker groups, and it brings their total haul over the past five years to US$1.5 billion in cryptocurrency alone — not including the uncounted hundreds of millions more the country has stolen from the traditional financial systems.

That hoard of stolen cryptocurrency now contributes significantly to the coffers of Kim Jong-un’s totalitarian regime as it seeks to fund itself — and its weapons programs — despite the country’s heavily sanctioned, isolated, and ailing economy.

“They’ve been very successful,” says Erin Plante, a senior director of investigations at Chainalysis, whose report calls 2021 a “banner year” for North Korean cryptocurrency thefts.

That hoard of stolen cryptocurrency from North Koren hackers now contributes significantly to the coffers of Kim Jong-un's totalitarian regime as it seeks to fund itself — and its weapons programs.
That hoard of stolen cryptocurrency now contributes significantly to the coffers of Kim Jong-un’s totalitarian regime as it seeks to fund itself — and its weapons programs. (Image: via Flicker)

Thefts increase despite a law enforcement crackdown

The findings show that North Korea’s global serial robberies have accelerated even amid an attempted law enforcement crackdown; the U.S. Justice Department, for instance, indicted three North Koreans in absentia in February of last year, accusing them of stealing at least US$121 million from cryptocurrency businesses, along with a slew of other financial crimes.

Charges were also brought against a Canadian man who allegedly helped launder the funds. But those efforts haven’t stopped the hemorrhaging of crypto wealth. “We were excited to see actions against North Korea from law enforcement agencies,” Plante says, “yet the threat persists and is growing.”

The seven breaches Chainalysis tracked in 2021 amount to three more than in 2020, though fewer than the 10 successful attacks that North Korean hackers carried out in 2018 when they stole a record US$522 million.

Ether is the cryptocurrency of choice for North Korean hackers

Bitcoin no longer represents anywhere near the majority of North Korea’s take, accounting for only around 20 percent of the stolen funds. Fully 58 percent of the groups’ cryptocurrency gains came instead in the form of stolen ether, the Ethereum network’s currency unit.

Another 11 percent, around US$40 million, came from stolen ERC-20 tokens, a form of crypto-asset used to create smart contracts on the Ethereum blockchain.

Chainalysis’ Plante attributes that increased focus on Ethereum-based cryptocurrencies — US$272 million in total thefts last year versus US$161 million in 2020 — to the skyrocketing price of assets in the Ethereum economy, combined with the nascent companies that growth has fostered.

Etherium cryptocurrency.
Fully 58 percent of the North Korean groups’ cryptocurrency gains came from stolen ether, the Ethereum network’s currency unit. (Image: Steveheap via Dreamstime)

All thefts point to Lazarus

Chainalysis says it linked all seven 2021 cryptocurrency hacks to North Korean hackers based on malware samples, hacking infrastructure, and following the stolen money into clusters of blockchain addresses it has identified as controlled by the North Korean hackers.

Chainalysis says the thefts were all carried out by Lazarus, a loose grouping of hackers all widely believed to be working in the service of the North Korean government. But other hacker-tracking firms have pointed out that Lazarus comprises many distinct groups.

Last year, for instance, two North Korean groups, TEMP.Hermit and Kimsuky, both seemed tasked with targeting biomedical and pharmaceutical organizations. Yet both groups also targeted cryptocurrency holders throughout 2021.

Another group called APT38 — which has previously focused on more traditional financial intrusions, such as the theft of US$110 million from the Mexican financial firm Bancomext and US$81 million from Bangladesh’s Central Bank — now appears to have also turned its sights on cryptocurrency targets.

One reason the hackers have focused on cryptocurrency over other forms of financial crime is no doubt the relative ease of laundering digital cash. Many groups have cashed out their gains through exchanges, primarily exploiting in Asia and trading their cryptocurrency for Chinese RMB.

Until the cryptocurrency industry figures out how to secure itself against these hackers — or to prevent their coins from being laundered and converted into clean bills — the Kim regime’s illicit, ethereal revenue stream will only continue to grow.

Follow us on Twitter, Facebook, or Pinterest

Recommended Stories

Beautiful panoramic view of rooftops in the old town of Zug, Switzerland, with the town hall tower, Lake Zug, and the Pilatus mountain in the background.

Switzerland’s Safety Unveiled: A Journey Through Security and Serenity

Switzerland, often called the heart of Europe, is renowned for its breathtaking landscapes, pristine lakes, ...

A fishmonger's display on the Mediterranean island of Crete.

A Mother’s Wisdom: A Single Sentence that Changed a Fishmonger’s Life

In a quaint town in the south, there was always a line at a fish ...

Two men and a woman studying a graph.

8 Qualities of a High-Value Man That Make Him Stand Out

Becoming a high-value man is about showing people that you deserve their loyalty, respect, and ...

Ancient Chinese sitting and standing on platform.

9 Amazing Things Invented by the Chinese

China today is often mocked as the “copycat nation” due to its tendency to take ...

A person jumping into a swimming pool.

Why Does My Hair Turn Green From the Swimming Pool?

If you are blonde like me and enjoy laps in a swimming pool, you may ...

Closeup of a sea lion swimming underwater.

10 Cutest Ocean Animals That Will Surely Make You Smile

Have you ever wondered what lies beneath the surface of the ocean? Well, it’s home ...

Illustration of a man in ancient Chinese robes taking a nap while a dragon swirls over his head in a misty cloud.

5 Legendary Dreams of Chinese Folklore

Throughout China’s vast folklore, there are five dreams that have become household tales. These legendary ...

Business skyscrapers in reflection in La Defense financial district in Paris, France.

Integrity in Business: The Bedrock of Trust and Success

Integrity stands as one of the most cherished virtues, timeless and universal. Regardless of the ...

Virtual influencers.

Virtual Influencers: Meet the AI-Generated Figures Posing as Your New Online Friends

The future of influence is here: a digital avatar that captivates millions of adoring fans ...

Send this to a friend