- According to Chainalysis, through seven attacks, hackers from North Korea obtained around $400 million in digital assets.
- The attacks targeted internet-connected hot wallets belonging primarily to investment firms and centralized exchanges.
- The funds were transferred to accounts held by North Korea.
Digital assets were already a target for hackers before their record-breaking run last year, so it’s no surprise that, with the spotlight on these assets in 2021, hackers also interfered in the market.
For example, North Korean hackers carried out at least seven attacks against digital asset platforms in 2021, from which they obtained about $400 million in digital assets, according to a study by the analysis firm Chainalysis.
The attacks were directed at hot wallets connected to the Internet belonging mainly to investment companies and centralized exchanges, through phishing lures, code vulnerabilities, malware, and advanced social engineering.
Hacker wallets guarded by North Korea
The funds were transferred to accounts held by North Korea, as the analysis firm noted in a report published on its website.
“Once North Korea had custody of the stolen money, a detailed laundering process began to camouflage it and collect it,” explained the firm.
Chainalysis noted that this type of hack has led a large number of security researchers to define hackers from the Democratic People’s Republic of Korea (DPRK) as advanced persistent threats.
These types of attacks were not new last year: four attacks affiliated with North Korea were recorded in 2020. According to Chainalysis, the value extracted from these hacks increased by 40 percent between 2020 and 2021.
Ethereum, the most stolen crypto asset
Going by information gathered by the analytics firm, Satoshi Nakamoto’s digital asset, Bitcoin, currently makes up less than a quarter of the digital assets seized by North Korea. In fact, according to the report, only 20 percent of the stolen money is in the form of Bitcoin, especially if the value of what was stolen is quantified in a fiat currency such as dollars.
“The continuous increase in the diversity of digital assets that have been targeted for theft was inevitably a factor that increased the perfection of the digital currency laundering operation by the Democratic People’s Republic of Korea,” indicated Chainalysis.
In 2021, 20% of stolen funds were Bitcoin, while 22% were ERC-20 tokens or altcoins and Ether accounted for the majority of stolen funds at 58%.
How does the laundering of crypto assets work?
This shift offers a glimpse of how North Korea launders the crypto funds that it steals and takes into its custody.
But how does the laundering happen? According to the analysis firm, the operation begins with the exchange of Ethereum-based ERC-20 tokens and other crypto assets for Ethereum (ETH) through a decentralized exchange.
Once the ETH is on the exchange, it is put through a “mixer,” which Chainalysis describes as “a group of software tools that unify and encrypt digital assets from thousands of addresses.”
Once this step is finished, the assets are exchanged for the so-called “digital gold,” Bitcoin, which is again mixed and consolidated in a new wallet.
The next stage in this plan to “clean” the money consists of directing the mixed Bitcoin to deposit addresses at crypto-asset exchanges, where the digital money can be converted into fiat currency. Needless to say, these exchanges are generally those located on the Asian continent.
This tactic is so profitable for North Korean hackers that more than 65 percent of the country’s stolen funds were “laundered” through various mixers last year. The trend has also been growing over the last three years: in 2019 the share was 21 percent, while in 2020 it was 42 percent.