Blockchain intelligence firm TRM Labs has revealed that hackers associated with the Democratic People’s Republic of North Korea (DPRK) managed to loot more than $600 million worth of crypto assets in 2023.
What Happened: According to the report, more hacks discovered towards the end of the year could increase the stolen amount to approximately $700 million if they’re confirmed to be from North Korea.
These cybercriminals were responsible for nearly one-third of the total funds stolen in cryptocurrency attacks last year, despite a 30% reduction from their $850 million haul in 2022, the report said.
The study by TRM Labs also highlighted the severe impact of hacks conducted by DPRK-affiliated hackers, revealing that on average, their attacks were 10 times as damaging as those not associated with North Korea.
Concerningly, the cumulative losses due to Pyongyang-linked threat actors since 2017 have reached close to $3 billion in cryptocurrency.
According to the report, the modus operandi of North Korean hackers involves the use of crypto mixing tools, enabling them to obscure their illicit activities from law enforcement.
Additionally, they frequently switch to alternative crypto tumblers if the ones they prefer become subject to sanctions.
For example, when the U.S. imposed sanctions and took action against platforms like Tornado Cash and ChipMixer, which were previously used by North Korean hackers to conceal their activities, the hackers quickly shifted to using the BTC service Sinbad.
Even after Sinbad was sanctioned by the Office of Foreign Assets Control in November 2023, North Korea reportedly continued to explore other means of money laundering.
TRM Labs concluded its report by cautioning that North Korea is likely to persist in hacking cryptocurrency wallets in 2024.
Previously, the firm had reported that North Korean hackers had plundered approximately $2 billion worth of virtual currencies over the past five years.