Hackers stole $3.8 billion-worth of crypto in 2022, North Korea to blame


Last year hackers targeted cryptocurrency businesses in record numbers.

Chainalysis's most recent report showed that last year the crypto community lost $3.8 billion worth of crypto to hacks.

Decentralized Finance (DeFi) protocols were the primary targets for hackers, accounting for 82.1% of all stolen funds. The numbers had risen since 2021, when DeFi accounted for 73.3% of hacks.

The findings reveal that the most prolific cryptocurrency hackers remain linked with North Korea.

Total value stolen in crypto hacks. Image by Chainalysis

Cross-chain bridges are the most vulnerable

The rise in funds stolen from DeFi protocols could be attributed to a fast-growing DeFi ecosystem. Chainalysis writes that the transparency offered by DeFi became particularly appealing after many centralized cryptocurrency firms collapsed during 2022, revealing that a lack of transparency is a major risk factor.

While DeFi principles allow public inspection of the smart contract code regulating protocols, the same transparency also contributes to DeFi's vulnerability to hacks.

Among the DeFi protocols, cross-chain bridge protocols are the most targeted by hackers, accounting for 64% of all funds stolen. Cross-chain bridge protocols allow crypto holders to transfer their funds from one blockchain to another.

The process usually involves locking the user’s assets into a smart contract on the first chain and then minting equivalent assets on the second chain. Smart contracts turn into centralized vaults, backing the assets that have been bridged to another blockchain. Hackers exploit the mechanism by searching for vulnerabilities and attacking.
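The lock-and-mint flow described above, as an added example: a constructed toy model, not code from Chainalysis or from any real bridge. It assumes the minting contract can read the vault's lock events directly, standing in for the cross-chain message verification a real bridge needs; all class and function names are hypothetical.

```python
# Constructed toy model of a lock-and-mint bridge (names are hypothetical).
from dataclasses import dataclass, field


@dataclass
class SourceVault:
    """Contract on the first chain: holds the users' locked assets."""
    locked: int = 0
    events: dict = field(default_factory=dict)  # deposit_id -> (user, amount)

    def lock(self, user: str, amount: int) -> int:
        if amount <= 0:
            raise ValueError("amount must be positive")
        deposit_id = len(self.events) + 1
        self.events[deposit_id] = (user, amount)
        self.locked += amount
        return deposit_id


@dataclass
class WrappedToken:
    """Contract on the second chain: mints assets backed by the vault."""
    vault: SourceVault  # assumption: lock events are readable directly
    supply: int = 0
    processed: set = field(default_factory=set)

    def mint(self, deposit_id: int, user: str, amount: int) -> None:
        # Mint only against a recorded lock event, and only once per event.
        if self.vault.events.get(deposit_id) != (user, amount):
            raise PermissionError("no matching lock event on the source chain")
        if deposit_id in self.processed:
            raise PermissionError("deposit already minted (replay)")
        self.processed.add(deposit_id)
        self.supply += amount


def backing_gap(vault: SourceVault, token: WrappedToken) -> int:
    """Wrapped supply minus locked collateral; above 0 means unbacked tokens."""
    return token.supply - vault.locked


if __name__ == "__main__":
    vault = SourceVault()
    token = WrappedToken(vault)
    dep = vault.lock("alice", 100)
    token.mint(dep, "alice", 100)
    print("gap after honest bridge:", backing_gap(vault, token))
    token.supply += 500  # constructed fault: supply grew without a lock
    print("gap after unbacked mint:", backing_gap(vault, token))
```

A monitor that compares wrapped supply with locked collateral, as `backing_gap` does, flags the moment the vault stops fully backing the bridged assets.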

Most hacks linked to North Korea

The theft of $1.1 billion from DeFi protocols has made North Korea one of the key contributors to the surge in DeFi hacking in 2022.

Yearly total cryptocurrency stolen by North Korea-linked hackers. Image by Chainalysis

The amount of stolen funds represents a significant portion of the nation's economy, as North Korea's total exports in 2020 only reached $142 million. Most experts believe the North Korean government is using the amassed profits to finance its nuclear weapons programs.

The best-known name among North Korean cybercriminals is Lazarus Group. The group stands behind many cybercrimes worldwide, including the Harmony blockchain hack, which resulted in $100 million in crypto stolen.

Even though North Korean-associated hackers pose a major danger to the cryptocurrency industry with their advanced tactics, authorities are strengthening their defense, say Chainalysis researchers.

In 2022, law enforcement seized $30 million worth of cryptocurrency taken during the Axie Infinity Ronin Bridge hack, marking the first time funds stolen by North Korea-linked hackers were recovered.

Illicit crypto transactions hit all-time highs

Previously, Chainalysis revealed that illicit crypto transactions spiked to all-time highs in 2022, despite the overall market downturn.

Data shows that the unlawful usage of digital currencies primarily involved bypassing sanctions. Profits from scams had the second most significant share in transaction volume. Stolen funds and transactions related to darknet markets also contributed to the illegal usage of crypto.

Compared to previous years, 2022 saw a significant increase in the use of cryptocurrency to evade sanctions, with transaction volume rising by 10,012,224.34% and taking a share of 44% of all illicit transactions. The massive increase in crypto usage by nation-states is attributed to strict sanctions implemented on Iran and Russia by the European Union and the US.

