How North Korea Stole $3 Billion in Crypto Over 6 Years

North Korea’s systematic attack against crypto nets a massive $3 billion, highlighting security risks in crypto.

Kim Jong-Un in a digital landscape sucking up bitcoins with his hand.
Created by Gabor Kovacs from DailyCoin
  • North Korean state hackers stole $3 billion in cryptocurrency.
  • 2022’s heist equaled 5% of North Korea’s economy.
  • Hacks highlight major security concerns with crypto. 

The crypto industry has been struggling with risks coming from hacks and scams since its inception. Among these, North Korea has emerged as a formidable danger, leveraging its cyber capabilities in a series of sophisticated heists.

Recently, reports showcased the staggering extent of the damage caused by North Korea’s state-backed hackers. Over six years, they plundered approximately $3 billion in cryptocurrency. 

North Korea’s $3 Billion Crypto Operation

Since 2017, North Korea has dramatically intensified its focus on the cryptocurrency industry. According to a report by Recorded Future, the regime has diverted its attention from traditional institutions to crypto, seeing it as a softer target. Since then, the regime’s hacking group Lazarus has successfully stolen over $3 billion in crypto assets. 

The catalyst for this strategic shift was the cryptocurrency bubble of 2017, which saw digital currencies gaining mainstream traction. North Korean cyber actors initially targeted South Korea’s crypto market before taking their operations to a global scale. 

The year 2022 marked a monumental peak in North Korea’s cyber heists, with the regime’s hackers stealing an astonishing estimated $1.7 billion in cryptocurrency. This staggering amount equaled about 5% of the nation’s economy and 45% of its military budget. To put this into perspective, this amount was nearly ten times greater than North Korea’s total exports in 2021, which were approximately $182 million. 

The Impact of North Korea’s Crypto Crime

The impact of North Korea’s hacks was staggering. In 2022, Approximately 44% of stolen cryptocurrency was traced back to North Korean actors. For instance, the FBI reported that just one hack resulted in 1580 Bitcoin stolen by its state-sponsored hackers. 

North Korean cyber criminals use methods similar to traditional cybercrime groups to launder their ill-gotten gains. This includes cryptocurrency mixers, cross-chain swaps, and fiat conversions. 

North Korea’s cyber operations have not been limited to targeting cryptocurrency exchanges alone. Their reach has extended to individual users, venture capital firms, and even alternative technologies and protocols within the cryptocurrency industry. 

The funds amassed through these extensive cryptocurrency thefts are believed to significantly bolster North Korea’s regime, particularly its military and weapons programs. The report points to a correlation between the surge in cryptocurrency theft and the increase in missile launches in recent years, suggesting a direct link between the two. 

On the Flipside

  • Contrary to aiding anonymity, blockchain technology can make it easier to track illicit funds. The transparent ledger of blockchain allows for tracing transactions and enables investigators to link funds to North Korean activities.
  • In September, in response to North Korea’s cryptocurrency thefts, South Korea has taken steps to freeze assets linked to these hacks. 

Why This Matters

North Korea’s expansive and indiscriminate targeting strategy places a wide array of entities at risk. This means that anyone operating within the cryptocurrency sector could potentially become its target.

Read more about crypto scams and how to avoid them: 
Types of Crypto Scams: Common Cryptocurrency Scams You Need to Watch Out for

Read more about Binance’s new initiative to bring big players into crypto: 
Binance’s Triparty Deal to Bring Institutions Into Crypto 

This article is for information purposes only and should not be considered trading or investment advice. Nothing herein shall be construed as financial, legal, or tax advice. Trading forex, cryptocurrencies, and CFDs pose a considerable risk of loss.

David Marsanic

David Marsanic is a journalist for DailyCoin who covers the intersection of crypto, traditional finance, and government. He focuses on institutionalized crypto entities like major cryptocurrency exchanges and Solana, breaking down complex topics into easy-to-understand writing. David's prior experience as a business journalist at various crypto and traditional news sites has enabled him to maintain a critical approach to news while adhering to high journalistic integrity standards.