Report: $3.8 Billion in Crypto Stolen Last Year, Mostly by North Korea

Published: 22 February 2023

Pyongyang NKNorth Korea is one of the global cybercrime hotspots. (Photo: Roman Harak, Flickr, License)

By Josef Skrdlik

Hackers stole US$3.8 billion worth of cryptocurrency last year, surpassing the $3.3 billion record registered in 2021 despite a dramatic fall in the crypto market’s value, according to a new report by blockchain analysis firm Chainanalysis. North Korean hackers stole most of it.

Crypto theft peaked in March and October, which alone saw equivalents of $732 and $776 million stolen.

Elaborate encryption mechanisms underlying blockchains — public ledgers recording transactions in blockchain networks — make them nearly invincible to hacker attacks.

There are still weak spots that can be exploited, however.

The report said that over 82% of all cryptocurrency was stolen from DeFi protocols, which are sets of codes facilitating crypto financial transactions.

Most of these attacks targeted specifically protocols known as cross-chain bridges, which allow for transfers between different blockchains and, since they serve as large repositories of assets backing the individual transfers, constitute effective “honeypots.”

North Korea, one of the global cybercrime hotspots, stood behind the majority of last year’s stolen funds, securing an estimated $1.7 billion worth of crypto, according to Chainanalysis.

Since 2014, when North Korean hackers broke into Sony Pictures in revenge for releasing a comedy ridiculing Kim Jong-un, they have earned fame for their technical finesse and astute operational capability.

The hacker force has apparently been built at the command of the North Korean leadership and operates as an organized unit within the Korean People’s Army.

Kim Jong-un in 2013 described cyberwarfare as an “all-purpose sword that guarantees the North Korean People’s Armed Forces ruthless striking capability, along with nuclear weapons and missiles.”

In North Korea, whose yearly GDP was estimated to total around $18 billion in 2019, cybercrime proceeds constitute a significant source of income.

The U.N. previously reported that some of the stolen funds serve to fund the North Korean army, including the nuclear missile programme.

That said, Chainanalysis noted that law enforcement agencies are increasingly able to fight back against North Korean hackers.

In September, the U.S. authorities managed to conduct the first-ever seizure of North Korea’s cybercrime proceeds, recovering more than $30 million from the total of $620 million stolen from crypto game Axie Infinity.