The Democratic People's Republic of Korea — often referred to as North Korea — is said to be responsible for 61% of cryptocurrencies stolen this year, according to Chainalysis.

“In 2023, North Korean hackers stole approximately $660.50 million across 20 incidents; In 2024, this number increased to $1.34 billion stolen across 47 incidents, an increase of 102.88% in the value stolen. Recent report From major cryptocurrency forensics firm Chainalogy. This is the largest amount smuggled by North Korean pirates in any year so far.

said Louis Lubeck, services project manager at cryptocurrency cybersecurity firm Hacken Decryption Financial cooperation between North Korea and Russia exacerbates the situation.

“It increases threats through the sharing of tools and expertise, which complicates efforts to identify the source and respond,” he added. “This partnership could escalate global cyber conflicts and reshape how cyber warfare is waged through coalitions rather than the individual efforts of a single nation.”

One trend the industry has seen developing is North Korea-linked hackers posing as smart contract developers, intentionally inserting hidden vulnerabilities or backdoors into projects they contribute to. So far, in 2024, 47 hacks have been linked to North Korean hackers, amounting to two-thirds of the total number of cryptocurrency hacks.

These hacks include $50 million stolen from Radiant Capital, when it was a cybercriminal linked to North Korea. He was presented as a former contractor File sharing to deliver malware to an employee. The malware in question was reportedly sophisticated: it created a permanent backdoor into macOS while still displaying a legitimate PDF file to the user to avoid detection.

North Korea-linked actors are making use of increasingly advanced tactics, with Lubeck noting that “new tactics Leveraging artificial intelligence to create fake personas (With the development of deepfakes), making it difficult to identify bad actors. Legacy technologies still pose challenges, including detecting advanced phishing scams and identifying fake digital identities for remote workers.

US-based and international officials claim that North Korea is using the cryptocurrencies it steals to support the development of weapons of mass destruction and ballistic missile programs. Reports published in May It suggests that hacking efforts fund half of North Korea's missile program.

Lubeck suggested that a potential solution could be “strengthening international cooperation in tracking cryptocurrencies, imposing stricter KYC procedures on exchanges, and improving real-time intelligence sharing.” He stressed that sanctions show only limited effectiveness due to evasion methods.

Modified by Stacey Elliott.