January 8, 2024 at 12:09AM
North Korean threat actors plundered over $600 million in cryptocurrency in 2023, amounting to almost a third of all funds stolen in crypto attacks. These financially-motivated attacks support the nation’s weapons programs, with stolen assets typically converted to hard currency. The U.S. Treasury Department’s sanctions have not halted their evolving hacking methods.
Key takeaways from the meeting notes on cryptocurrency and financial crime include:
1. Threat actors affiliated with the Democratic People’s Republic of Korea (DPRK) have plundered at least $600 million in cryptocurrency in 2023 and were responsible for almost a third of all funds stolen in crypto attacks, despite a 30% reduction from the USD 850 million haul in 2022.
2. These financially motivated attacks are a crucial revenue-generation mechanism for the sanctions-hit DPRK, funding its weapons of mass destruction (WMD) and ballistic missile programs. The intrusions leverage social engineering to compromise private keys and seed phrases, allowing unauthorized access to victims’ assets which are then converted to hard currency using high-volume OTC brokers.
3. Despite law enforcement pressure, DPRK hackers continue to explore money laundering tools, indicating constant evolution in their tactics.
4. There have been indications that additional breaches targeting the crypto sector towards the end of 2023 could push the figure of cryptocurrency plunder higher to around $700 million.
These points highlight the persistent threat posed by DPRK’s hacking prowess, with implications for both businesses and governments to exercise continuous vigilance and innovation in safeguarding against such attacks.