North Korean Cybercriminals Escalate Crypto Theft to Record Levels in 2024

In a troubling trend for the cryptocurrency sector, North Korean hackers have stolen an unprecedented $1.3 billion in digital assets throughout 2024. This staggering figure accounts for over half of the $2.2 billion total stolen from cryptocurrency platforms this year, as reported by blockchain research firm Chainalysis. The amount represents a significant increase of 102.88% compared to the previous year, where North Korean-linked cyberattacks resulted in approximately $660.5 million in losses.

The surge in theft is part of a broader pattern, with overall cryptocurrency theft rising by 21% from 2023. This marks the fifth consecutive year that total thefts have exceeded $1 billion, highlighting ongoing vulnerabilities within the crypto ecosystem.

Hacking Tactics and Targets

North Korean hackers are notorious for their sophisticated methods, often posing as IT professionals to infiltrate companies within the cryptocurrency and technology sectors. These attacks have predominantly targeted decentralized finance (DeFi) platforms, which have become increasingly attractive due to their rapid growth and relative lack of stringent security protocols.

The data indicates that private key compromises were the primary cause of these thefts, accounting for 43.8% of all hacks. Attackers exploit these vulnerabilities to access wallets and siphon funds through decentralized exchanges (DEX), mining operations, or mixing services, complicating recovery efforts.

Major Incidents

Several high-profile hacks have underscored the severity of this issue:

  • DMM Bitcoin: In May 2024, this Japanese exchange suffered a breach resulting in a loss of approximately $308 million, attributed to weaknesses in its security infrastructure.
  • WazirX: An Indian cryptocurrency platform faced a significant attack in July, with hackers making off with around $235 million.

These incidents are emblematic of a larger trend where North Korean hackers have not only increased the scale of their operations but also diversified their tactics to target both large exchanges and smaller platforms.