A recent confidential report from the United Nations obtained by Reuters has shed light on the nefarious activities of North Korea’s notorious cybercriminal group, the Lazarus Group. According to the report, the hackers managed to transfer millions of dollars worth of stolen cryptocurrency back to North Korea last year.
The cybercriminals targeted HTX, a crypto exchange owned by TRON founder Justin Sun, and made off with a staggering $147.5 million in cryptocurrency in March 2023. A year later, they successfully funneled the stolen funds back into North Korea using a sanctioned crypto mixer known as Tornado Cash.
The UN monitors leading the investigation revealed that they had been probing 97 suspected cyberattacks by North Korean hackers on various cryptocurrency firms between 2017 and 2024, totaling approximately $3.6 billion. The report also highlighted the significant income generated by North Korean IT workers abroad for the country.
Intriguingly, the report mentioned a New York Times article stating that Russia had unfrozen $9 million of $30 million in North Korean assets and allowed Pyongyang to establish an account at a Russian bank in South Ossetia, potentially granting better access to international banking networks.
The Lazarus Group and other North Korean hackers have been responsible for some of the most lucrative hacks in the cryptocurrency and DeFi sectors. Tornado Cash, a crypto mixer, has been a preferred tool for laundering stolen funds. Despite facing sanctions in the US in 2022, Tornado Cash continued to operate, facilitating over $1 billion in money laundering.
An earlier report from the UNSC revealed that North Korea obtains 50% of its foreign exchange earnings through cyberattacks. In 2023, the nation increased its targeting of cryptocurrency platforms, conducting a record high of 20 hacks, although the total amount stolen was lower compared to the previous year.
During their cybercrime spree in 2023, North Korean hackers focused on stealing from DeFi platforms, making off with approximately $429 million. They also targeted centralized services, exchanges, and wallet providers, pilfering $150 million, $330.9 million, and $127 million, respectively.
The activities of North Korean cybercriminals have become increasingly sophisticated and lucrative, posing a significant threat to the security and integrity of the cryptocurrency industry. It is crucial for international bodies and law enforcement agencies to collaborate in combating such cyber threats and holding those responsible for such criminal acts accountable.