A recent TRM Labs report highlights that North Korean hackers have seized over $2 billion in cryptocurrencies in the last five years, with 2023 alone seeing $200 million in thefts across 30 incidents. TRM Labs data indicates this sum constitutes 30 hacks this year, lower than in 2022 but “10 times larger than attacks by other actors.”

“This year, North Korea has taken $200 million in cryptocurrency, accounting for more than a fifth of all stolen crypto.”

Although North Korea has denied hacking allegations, a UN report attested to heightened cyberactivity by the nation, particularly targeting foreign aerospace and defense companies.

“In 2023, despite a decline in total stolen crypto, North Korea remains committed to the crypto ecosystem,” the study stated.

These attacks, executed through methods like phishing, supply chain breaches, and infrastructure hacks, frequently involve compromising private keys or seed phrases.

“Recently, North Korea’s focus has been on the DeFi ecosystem,” the report continued. Also, cross-chain bridges with rising value are under continuous threat.

North Korea’s Gains from Crypto Hacks

The past year set records with $4 billion stolen, mainly attributed to North Korean state-linked hacking groups.

For example, the Ronin Network, supporting the Axie Infinity play-to-earn crypto game, suffered a $625 million loss. The US named the North Korean Lazarus group as the culprit, recovering almost $30 million.

In 2023, the most profitable hack targeted Atomic Wallet, a non-custodial wallet provider, yielding around $100 million from 4,100 addresses.

“The attack likely involved phishing or a supply chain breach.”

Stolen assets span Ethereum (ETH), Tron (TRON), Bitcoin (BTC), Ripple (XRP), Dogecoin (DOGE), Stellar (XLM), and Litecoin chains.

The anonymous hackers, operating within North Korea, direct funds to centralized exchanges and then employ intricate laundering techniques upon discovery, according to TRM forensics.