North Korea stole nearly $400 million in cryptocurrency in 2021, particularly ethereum, researchers have found, indicating its national strategy of hacking and laundering digital money remains successful.
The isolated country, beset by sanctions from the United States and other countries, has long relied on its hacker corps to break into financial institutions around the world to steal money. In recent years, those hackers have increasingly focused on companies that handle and trade cryptocurrency, which is stored in digital wallets and can easily be sent around the world if a hacker gains access.
A United Nations report last year found that North Korea had hacked and stolen $316 million in virtual assets between 2019 and 2020 to use for its nuclear weapons program.
That tactic was particularly effective last year, according to researchers at Chainalysis, a company that monitors transactions on blockchains, which are a kind of public record that track all transactions for most cryptocurrencies. North Korea’s hackers successfully breached at least seven cryptocurrency exchanges and laundered the money, the company said.
Many cryptocurrencies have risen sharply in value in recent years, and software developers have created an entire ecosystem of projects and exchanges that allow users to trade one type of cryptocurrency for another, or from virtual money to cash. While many major exchanges follow guidelines to collect information on users in order to counter money laundering, the internet is also rife with places that don’t bother, opening the door for malicious actors like North Korea's hackers.
According to research from the cybersecurity company Kaspersky, also published Thursday, North Korea has a dedicated hacking team that has been steadily attacking small- and medium-sized companies that deal with cryptocurrency and related projects. Such companies are frequent targets for hackers, who stole a record $14 billion in cryptocurrency last year.
Unlike many criminals who receive cryptocurrencies, North Korea doesn’t rush to immediately convert it to conventional currency, said Erin Plante, the senior director of investigations at Chainalysis and the author of the report.
Instead, it continuously launders moderate amounts of its hacked cryptocurrency while holding on to around $170 million of it from older hacks, she said, capitalizing on the fact that major cryptocurrencies such as bitcoin and ethereum have increased in value in recent years.
“They’re very strategic. They’re not rushed in cashing out,” Plante said. “They’re looking at a significantly larger amount” because they waited, she said.