North Korean hackers steal $1.34B in crypto in 2024


North Korean hackers are suspected to be behind more than half of the $2.2 billion stolen from cryptocurrency platforms this year.

Hackers linked to the hermit kingdom stole more than ever before this year, according to a new report from blockchain data platform Chainalysis. North Korea-affiliated cybercriminals stole approximately $1.34 billion in crypto across 47 incidents this year.

The amount is more than double compared to last year, when Pyongyang was linked to $660.5 million in stolen crypto across 20 incidents, cybersecurity experts said in their latest report on crypto crime.

ADVERTISEMENT

North Korean hackers account for 61% of the total amount stolen this year and are suspected to be behind one in five incidents. They are also frequently linked to the biggest exploits.

The regime uses stolen crypto to finance its weapons of mass destruction and ballistic missile programs. Its hackers also rely on advanced malware and elaborate social engineering to fund state operations and evade international sanctions.

According to experts, North Korea is getting “better and faster” at massive exploits, with crypto attacks between $50 million and $100 million, and those above $100 million occurring more frequently in 2024 than in 2023.

One notable example of a North Korea-affiliated hack in 2024 involved DMM Bitcoin, a Japanese cryptocurrency exchange, which lost crypto worth $305 million at the time.

While data indicates that North Korea had a "very active year," most of its hacking activity occurred in the first half and then stagnated for the remainder of the year, a trend experts link to Russian President Vladimir Putin's visit to Pyongyang in June.

During the visit, Putin and North Korean leader Kim Jong Un signed a mutual defense pact. In exchange for Russia releasing millions of dollars of North Korean assets previously under UN sanctions, Pyongyang deployed troops to Ukraine and supplied Russia with ballistic missiles.

Along with redirecting its military resources toward the war in Ukraine, North Korea may have altered its cybercriminal activity as well, according to Chainalysis.

Persistent threat

ADVERTISEMENT

Although crypto theft levels remain below the peaks of 2021 and 2022, this year’s data reveals a 21% increase in stolen funds compared to 2023, indicating that it remains a persistent threat, according to Eric Jardine, head of cybercrimes research at Chainalysis.

“We began the year on pace to be among the worst on record for stolen funds,” Jardine said, adding that private key compromises remain a “significant concern” despite a slowdown following the meeting between Putin and Kim.

Stefanie Niamh Ancell BW jurgita Paulius Grinkevicius
Don’t miss our latest stories on Google News

These concerns grow as larger institutions start participating in the cryptocurrency ecosystem, according to Jardine.

“This year’s resurgence exposes critical gaps in security and highlights the need for adaptive measures,” he said.

“Collaboration between the public and private sectors, real-time web3 security solutions, advanced blockchain analysis, and targeted training are essential to proactively identify threats and keep crypto safe.”