Hackers launched at least seven different attacks last year, primarily targeting investment firms and centralized exchanges with a variety of tactics, including phishing, malware and social engineering, according to the report from Chainalysis, a firm that tracks cryptocurrency. The cybercriminals worked to gain access to organizations’ “hot” wallets — digital wallets that are connected to the internet — and then move funds into DPRK-controlled accounts.
“North Korea is, in most respects, cut off from the global financial system by a long sanctions campaign by the US and foreign partners.” said Nick Carlsen, analyst at blockchain intelligence firm TRM Labs. “As a result they have taken to the digital battlefield to steal crypto in, essentially, [a] bank robbery at the speed of the internet, to fund weapons programs, nuclear proliferation and other destabilizing activities.”
There is little the United States or other countries can practically do to combat the North Korean crypto hacking activities, other than sanctions and defensive cybersecurity measures, as criminals face no real chance of extradition.
As the cryptocurrency market grows more popular, “we are likely to see continued interest by North Korea to target crypto businesses that are young and building out cyber defenses and anti-money laundering controls,” said Carlsen.