North Korean Hackers Stole Nearly $400 Million of Cryptocurrency in 2021

Cryptocurrencies on a computer keyboard.

North Korea-based hackers managed to steal a considerable amount of money from the crypto exchanges. (Image: Volodymyr Shtun via Dreamstime)

In 2021, the value of crypto coins like Ethereum and Bitcoin rose sharply, luring thousands of investors worldwide. Unfortunately, North Korean hackers also noticed the rise in value.

Fake or scam crypto projects duping people of their money have made headlines in the last few years. Moreover, the cryptocurrency exchanges are not as safe as they are said to be as hackers are devising new ways to break through the defense of exchanges to steal cryptocurrency.

Subscribe to our Newsletter!

Receive selected content straight into your inbox.

2021 was a banner year for North Korean hackers

North Korea-based hackers managed to steal a considerable amount of money from the crypto exchanges. The finding comes from Chainalysis, a Blockchain analysis firm. It says the North Korean hackers stole crypto coins worth US$395 million in 2021.

The nine-figure sum represents a nearly US$100 million increase over the previous year’s thefts by North Korean hacker groups, and it brings their total haul over the past five years to US$1.5 billion in cryptocurrency alone — not including the uncounted hundreds of millions more the country has stolen from the traditional financial systems.

That hoard of stolen cryptocurrency now contributes significantly to the coffers of Kim Jong-un’s totalitarian regime as it seeks to fund itself — and its weapons programs — despite the country’s heavily sanctioned, isolated, and ailing economy.

“They’ve been very successful,” says Erin Plante, a senior director of investigations at Chainalysis, whose report calls 2021 a “banner year” for North Korean cryptocurrency thefts.

That hoard of stolen cryptocurrency from North Koren hackers now contributes significantly to the coffers of Kim Jong-un's totalitarian regime as it seeks to fund itself — and its weapons programs.
That hoard of stolen cryptocurrency now contributes significantly to the coffers of Kim Jong-un’s totalitarian regime as it seeks to fund itself — and its weapons programs. (Image: via Flicker)

Thefts increase despite a law enforcement crackdown

The findings show that North Korea’s global serial robberies have accelerated even amid an attempted law enforcement crackdown; the U.S. Justice Department, for instance, indicted three North Koreans in absentia in February of last year, accusing them of stealing at least US$121 million from cryptocurrency businesses, along with a slew of other financial crimes.

Charges were also brought against a Canadian man who allegedly helped launder the funds. But those efforts haven’t stopped the hemorrhaging of crypto wealth. “We were excited to see actions against North Korea from law enforcement agencies,” Plante says, “yet the threat persists and is growing.”

The seven breaches Chainalysis tracked in 2021 amount to three more than in 2020, though fewer than the 10 successful attacks that North Korean hackers carried out in 2018 when they stole a record US$522 million.

Ether is the cryptocurrency of choice for North Korean hackers

Bitcoin no longer represents anywhere near the majority of North Korea’s take, accounting for only around 20 percent of the stolen funds. Fully 58 percent of the groups’ cryptocurrency gains came instead in the form of stolen ether, the Ethereum network’s currency unit.

Another 11 percent, around US$40 million, came from stolen ERC-20 tokens, a form of crypto-asset used to create smart contracts on the Ethereum blockchain.

Chainalysis’ Plante attributes that increased focus on Ethereum-based cryptocurrencies — US$272 million in total thefts last year versus US$161 million in 2020 — to the skyrocketing price of assets in the Ethereum economy, combined with the nascent companies that growth has fostered.

Etherium cryptocurrency.
Fully 58 percent of the North Korean groups’ cryptocurrency gains came from stolen ether, the Ethereum network’s currency unit. (Image: Steveheap via Dreamstime)

All thefts point to Lazarus

Chainalysis says it linked all seven 2021 cryptocurrency hacks to North Korean hackers based on malware samples, hacking infrastructure, and following the stolen money into clusters of blockchain addresses it has identified as controlled by the North Korean hackers.

Chainalysis says the thefts were all carried out by Lazarus, a loose grouping of hackers all widely believed to be working in the service of the North Korean government. But other hacker-tracking firms have pointed out that Lazarus comprises many distinct groups.

Last year, for instance, two North Korean groups, TEMP.Hermit and Kimsuky, both seemed tasked with targeting biomedical and pharmaceutical organizations. Yet both groups also targeted cryptocurrency holders throughout 2021.

Another group called APT38 — which has previously focused on more traditional financial intrusions, such as the theft of US$110 million from the Mexican financial firm Bancomext and US$81 million from Bangladesh’s Central Bank — now appears to have also turned its sights on cryptocurrency targets.

One reason the hackers have focused on cryptocurrency over other forms of financial crime is no doubt the relative ease of laundering digital cash. Many groups have cashed out their gains through exchanges, primarily exploiting in Asia and trading their cryptocurrency for Chinese RMB.

Until the cryptocurrency industry figures out how to secure itself against these hackers — or to prevent their coins from being laundered and converted into clean bills — the Kim regime’s illicit, ethereal revenue stream will only continue to grow.

Follow us on Twitter, Facebook, or Pinterest

Recommended Stories

White radishes.

Foods to Keep Your Lungs Healthy in Winter

The novel coronavirus (2019-nCoV), which originated in Wuhan, is spreading fast. Apart from preventive measures ...

A black hole consuming its companion star.

Black Holes Eat Stars in Variable Mood Lighting

When a black hole chews up a star, it produces visible light or X-rays, but ...

A black hole near a red giant star.

Scientists May Have Just Discovered a New Class of Black Holes

Black holes are an important part of how astrophysicists make sense of the universe — ...

A young Chinese girl wearing a mask.

Liberation From the Wuhan Epidemic

The Wuhan coronavirus epidemic in mainland China is spreading across the land at an alarming ...

A patient with caronavius.

China Coronavirus Could Trigger Pandemic: Harvard Epidemiologist

Dr. Eric Feigl-Ding, a Harvard epidemiologist and health economist, has warned that the Chinese coronavirus ...

Chinese wearing masks.

How Is the Coronavirus Spreading Across the Globe?

The first case of a novel strain of coronavirus has been confirmed in the United ...

Chiang Kai-shek.

How Formal Education in China Was Ruined by Communism

Before 1949, Chinese society, especially university education in China under the Republic of China, enjoyed ...

Dominic Barton.

Canada’s Ambassador to China Says Relations Chilled After Huawei Executive’s Arrest

Dominic Barton, Canada’s ambassador to China, recently testified before the special House of Commons committee ...

A young Chinese boy.

A Sordid Tale of Raising a Child in Communist China

Kirsty Needham is a journalist who works as the China correspondent for The Sydney Morning ...

Send this to a friend