
North Korean Hackers Steal $400m in Crypto Attacks

Attacks targeted investment firms and centralised exchanges, and made use of phishing lures, code exploits, malware and social engineering


Personnel in orange hazmat suits march during a paramilitary parade in Pyongyang, North Korea. Photo: Korean Central News Agency via Reuters.

 

North Korean hackers have stolen $400 million worth of cryptocurrencies in at least seven attacks on digital assets platforms, according to a new analysis.

These attacks targeted primarily investment firms and centralised exchanges, and made use of phishing lures, code exploits, malware and advanced social engineering to siphon funds, according to blockchain experts Chainalysis.

Bitcoin now accounts for less than one quarter of the cryptocurrencies stolen by North Korea, the report said.

In 2021, only 20% of the stolen funds were bitcoin, whereas 22% were either ERC-20 tokens or altcoins. And for the first time ever, in 2021 ether accounted for a majority – 58% – of the funds stolen.

“From 2020 to 2021, the number of North Korean-linked hacks jumped from four to seven, and the value extracted from these hacks grew by 40%,” Chainalysis said in a blog post.

“Once North Korea gained custody of the funds, they began a careful laundering process to cover up and cash out,” it added.

The North Koreans’ complex tactics and techniques have led many security researchers to characterise Pyongyang hackers as “advanced persistent threats”, or APTs.

 

This is especially true for APT 38, also known as “Lazarus Group,” which is led by North Korea’s primary intelligence agency, the Reconnaissance General Bureau.

“Lazarus Group first gained notoriety from its Sony Pictures and WannaCry cyberattacks, but it has since concentrated its efforts on cryptocurrency crime — a strategy that has proven immensely profitable,” the Chainalysis report said.

Since 2018, the group has stolen and laundered more than $200 million annually.

The most successful individual hacks – one on KuCoin and another on an unnamed cryptocurrency exchange – each netted more than $250 million.

According to the UN Security Council, the revenue generated from these hacks goes to support North Korea’s weapons of mass destruction and ballistic missile programmes.

North Korea has previously released statements denying allegations of hacking.

Last year the US charged three North Korean computer programmers working for the country’s intelligence service with trying to steal more than $1.3 billion in money and cryptocurrency.

 

  • George Russell

 

 


 

George Russell

George Russell is a freelance writer and editor based in Hong Kong who has lived in Asia since 1996. His work has been published in the Financial Times, The Wall Street Journal, Bloomberg, New York Post, Variety, Forbes and the South China Morning Post.
