North Korea is reportedly harboring over $1.7 billion worth of cryptocurrency stolen from crypto exchanges over the course of five years and has been conspiring with money-laundering criminals to launch cybercrimes around the world.
These crimes are instigated by hackers and cyber warriors trained and sponsored by North Korea who are now being blamed for the Bithumb and Kucoin hacks that saw the exchanges lose $32 million and $281 million respectively in 2017 and 2018. They are also being blamed for stealing over 4,000 Bitcoins after hacking the YouBit crypto exchange based in South Korea in 2017. After training, the cybercriminals are allegedly instructed to storm western-associated cryptocurrency exchanges.
Surprisingly, North Korea has not sold all proceeds from the hacks and many times choose to hold. For North Korea, the financial and economic sanctions placed by the west against it are the greatest motivation for launching these attacks. This is according to Asian Institute for Policy Studies’ Senior Research Fellow Koh Myung-Hyun.
“Considering the fact that the price of bitcoin (BTC) has risen over 60 times since 2017 when North Korean hackers started hacking cryptocurrency exchanges, North Korea is using the stolen cryptocurrency from the perspective of long-term investment. For North Korea, cryptocurrency has become the only financial asset that can be gained while it is under tight economic sanctions, and [recognizes its value] for sanctions evasion-related purposes.”
October reports from US federal government prosecutors quote Chainalysis, a firm that analyzes blockchains and crypto markets, and the Asian Institute for Policy Studies (AIPS) both of which have previously released data about North Korea’s involvement in violating crypto exchanges. Blockchain analysis firms usually analyze transactions to trace the money. The hackers have to keep changing the assets from one coin to another, use multiple wallet addresses and transactions, and this money mixing tactics also change now and then. However, hackers usually face huge challenges in trying to sell off their proceeds because of the KYC protocols already implemented on many exchanges and the fact that most exchanges do not have much liquidity.
North Korean hackers employ multiple strategies including deploying malicious blockchain platforms and applications in addition to using phishing and other hacking methods. The programmers are part of the North Korean military intelligence agency. One group being blamed for the hacking incidences is called Lazarus. Some of these funds are reportedly used in buying weapons including expanding the country’s nuclear and missile capabilities in addition to helping it import goods and services to fund the economy.