News

North Korean Hackers Dominate Cryptocurrency Theft in 2024—Key Insights

50 0
Manak-Ahuja
by
December 29, 2024January 11, 2025
North Korean Hackers Dominate Cryptocurrency Theft in 2024

Key Insights

  • Total Crypto hacks remain lower than in other years like 2022.
  • Despite this decline, the involvement of state-sponsored hackers from North Korea is rising.
  • Hackers stole $2.2 billion in funds throughout 2024, with DPRK hackers accounting for more than 60% of this amount.
  • The largest hacks include the DMM Bitcoin hack, the WazirX hack, and the Radiant Capital hack.
  • North Korean hackers did more damage to centralized platforms than decentralized ones in 2024.

Although Crypto hacks in 2024 weren’t as harsh as those in years like 2022, the year still had its fair share of brutal thefts.

This time, North Korean hackers spearheaded the surge with a report from Chainalysis revealing that Pyongyang-affiliated groups were responsible for over $1.3 billion in stolen assets this year.

This figure alone marks a staggering 102% increase from the previous year in 2023.

Here’s an in-depth look at the data and implications of this harsh wave of cybercrime.

Record-Breaking Crypto Thefts by North Korean Hackers

According to Chainalysis, hackers ran off with a total of $2.2 billion throughout 2024.

Interestingly, North Korean hackers accounted for around 61% of this figure, the highest amount attributed to this cohort of hackers.

This percentage was even higher than their 2022 record of $1.1 billion, Chainalysis notes.

Percentage-hacks-from-North-Korea
Percentage hacks from North Korea Source: Chainalysis

The blockchain security firm also notes that the thefts in 2024 occurred across 47 incidents, indicating that hackers are not only becoming more active but also more capable of large-scale cyberattacks.

Major Hacks and Their Fallout

2024 saw some of the harshest attacks in years, as highlighted by Chainalysis. Some of these included:

The DMM Bitcoin Heist 

North Korean attackers hit DMM Bitcoin, a Japanese exchange, with a $305 million exploit.

This theft marked one of the year’s most serious attacks and remained in the news for weeks.

Hack-on-DMM-Bitcoin
Hack on DMM Bitcoin Source: Twitter

Interestingly, Chainalysis and other sources eventually traced the stolen assets through intermediaries to a Cambodian Crypto exchange.

WazirX Cyberheist

Next came the Indian Crypto exchange, WazirX, which suffered a massive hit from a $235 million loss from North Korean hackers in July.

Blockchain analytics platform Cyvers noted that the stolen funds were promptly laundered via Tornado Cash, where cryptocurrencies like $PEPE, $GALA, and $USDT were converted to $ETH.

Radiant Capital Breach

Soon after, another $50 million was stolen from Radiant Capital in October, and investigations pointed to state-sponsored hackers.

The radiant capital hack
The radiant capital hack Source: Twitter

According to a report from the platform in early December, the attackers started laying the groundwork for the 16 October attack as early as mid-September via a rigged ZIP folder sent to a radiant capital developer.

Overall, these incidents show how CEXs (which often hold large amounts of user funds) were a prime target for cybercriminals in 2024.

How North Korean Hackers Operate

These hackers, often described as “the world’s leading bank robbers,” appear to have honed their skills over decades and are increasing their percentage dominance in YoY hacks.

Some of their preferred methods include compromising Private Keys, which accounted for 44% of total losses.

Another favored method is exploiting Security Flaws, which was less common and accounted for around 6.3% of losses.

Finally, North Korean hackers seemed to favor posing as remote IT workers, and they slowly infiltrated Crypto firms and gained access to critical systems.

Why Do They Do This?

The question of why state-sponsored hackers have been so active over the last decade is an important one.

The funds are mostly believed to be important in financing North Korea’s weapons programs.

According to US officials, up to one-third of the country’s missile program is funded through cybercrime.

Moreover, a United Nations panel has also highlighted how such activities help Pyongyang evade international sanctions.

According to the Financial Times, Andrew Fierman, head of national security intelligence at Chainalysis, noted that the country uses crypto theft and traditional evasion techniques (like shell companies) to support its nuclear program.

Shifting Activity in H2 2024

Chainalysis’ report shows that while cybercrime activity topped out in the first half of 2024, it slowed down after June.

Interestingly, this happened after a meeting between Russian President Vladimir Putin and North Korean Dictator Kim Jong Un.

A decline in hacks through 2024
A decline in hacks through 2024 Source: Chainalysis

The report speculates that some strategic partnership might have been signed between North Korea and Russia, which increased trade and military ties.

As a result, the average daily Crypto losses from these state-sponsored hackers halved in the latter half of the year.

However, despite this decline, attacks targeting fintech and Crypto platforms are expected to continue into 2025.

This is made even more clear given that the crypto market is expected to register a full bull run within the year.

What This Means for the Crypto Industry

The rise in stolen cryptocurrency shows the need for better security measures across the industry.

Centralized and decentralized platforms alike must adopt stricter private key management practices.

Both parties must also conduct thorough security audits to reduce vulnerabilities.

The Chainalysis report concludes that while the number of flaws that can be exploited has declined, poor handling of private keys remains a critical issue.

This means that as the crypto market continues to grow, addressing these challenges will become increasingly important.

A Call to Action

In summary, 2024 has set a new precedent for Crypto theft.

The growing sophistication of these attacks threatens both individual users and platforms alike.

The disturbing trend also plays a direct role in funding a regime’s nuclear weapons program.

As the industry evolves, collaboration between stakeholders will become increasingly important, with the stakes never being higher.

⚠️ Disclaimer:
Crypto Land is an impartial marketing and educational platform, not a financial advice service. Therefore any content provided, hosted, or expressed by Crypto Land does not constitute financial advice or recommendation, and as such Crypto Land will not be liable for any losses incurred during trading or investing.

Leave a Reply

Your email address will not be published.

Wall Street Pepe: The Meme Coin Revolution You Can’t Ignore South Korea’s Bitcoin Surge: Understanding the Kimchi Premium Bitcoin’s Path to $160,000: Risks and Opportunities in 2025 Mastering Crypto Volatility: Strategies for Success The Rise and Fall of Bitcoin Runes in 2024: A Year of Decline
Wall Street Pepe: The Meme Coin Revolution You Can’t Ignore South Korea’s Bitcoin Surge: Understanding the Kimchi Premium Bitcoin’s Path to $160,000: Risks and Opportunities in 2025 Mastering Crypto Volatility: Strategies for Success The Rise and Fall of Bitcoin Runes in 2024: A Year of Decline Solana’s DApp Revolution: $365M Revenue in 2024 Crypto Market Insights: BTC, ETH, XRP, SOL, and More in Focus MicroStrategy’s Bold Bitcoin Journey: From Strategy to Market Impact North Korean Crypto Heists: Unveiling 2024’s Record-Breaking Cybercrimes Bitcoin’s Meteoric Rise: The Key Drivers Behind Its Surge to $100K