In its latest report, Chainalysis has pointed the finger at the use of Russian-based cryptocurrency exchanges by North Korean-affiliated hackers. Why such a close connection?
North Korean hackers use Russian-based crypto platforms
It’s common knowledge that North Korean hackers have a large responsibility for many of the attacks within the cryptocurrency ecosystem. But while the public nature of most known blockchains makes it much easier to trace funds, malicious actors have to redouble their ingenuity when it comes to laundering the proceeds of their misdeeds.
For example, on-chain analytics firm Chainalysis, discovered that hacker groups operating for North Korea were using Russian-based cryptocurrency exchanges to launder stolen funds.
The company estimates that these practices have been going on since at least 2021, and highlights a $21.9 million transaction resulting from the Lazarus group’s hack of Harmony’s bridge:
” Not only does this revelation signify a powerful alliance between North Korean and Russian cybercriminal actors, it also presents challenges for global authorities. Russia’s notoriously uncooperative stance towards international law enforcement efforts particularly clouds the prospect of recovering stolen funds sent to Russian exchanges. “
While we’ve had repeated examples of global platforms like Binance blocking stolen funds, here we see that tensions between Russia and the West are benefiting North Korea.
Significant sums stolen every year
With the exception of a particularly catastrophic 2022, we observe a “certain stability” when it comes to the amount of funds stolen by North Korean hackers from cryptocurrencies. At $340.4 million as of September 14, this year’s total would tend to match that of 2021:
Figure 1 – Funds stolen by North Korean hackers each year
Chainalysis estimates the total amount of stolen cryptos at $3.54 billion.
In terms of proportion to the total number of hacks in the ecosystem, we can also point out that this data varies greatly from year to year. For the moment, this share seems to be declining in comparison with 2022, currently standing at 29.7% :
Figure 2 – Comparison between all crypto hacks and those from North Korea
Last month, we reported on the different strategies used by these hackers to successfully carry out their attacks. More recently, the FBI pointed the finger of blame at the totalitarian state for the attack on the Stake platform.
