North Korean hackers stole almost $400M in cryptocurrency, report says

North Korean hackers in 2021 stole nearly $400 million in cryptocurrency, according to a report released on Thursday, making it one of the most prolific years to date for cybercriminals in the isolated nation.

According to research from the software company Chainalysis, North Korean hackers were able to steal around $400 million across seven attacks on cryptocurrency platforms. The value gained from these attacks rose by 40 percent from 2020 to 2021.

These attacks largely affected investment firms and centralized exchanges, according to the company's research. The hackers used methods such as "phishing lures, code exploits, malware, and advanced social engineering" in order to take funds from platforms and place them in so-called hot wallets.


In 2021, Ethereum accounted for the majority of the funds North Korean cyber criminals stole — 58 percent.

"Once North Korea gained custody of the funds, they began a careful laundering process to cover up and cash out," Chainalysis said.

However, the hackers appeared slow to launder all the cryptocurrency they stole. The company's analysis found roughly $170 million in unlaundered cryptocurrency holdings, with about $35 million coming from attacks carried out in 2020 and 2021.

As Chainalysis said in its report, the recent online exploits of North Korea "paint a portrait of a nation that supports cryptocurrency-enabled crime on a massive scale."

"Systematic and sophisticated, North Korea’s government—be it through the Lazarus Group or its other criminal syndicates—has cemented itself as an advanced persistent threat to the cryptocurrency industry in 2021," the company said.

Last year, the Justice Department charged three North Korean individuals — Jon Chang Hyok, Kim Il and Park Jin Hyok — with stealing $1.3 billion in cash and cryptocurrency from U.S. groups. The three hackers, who were allegedly involved in the 2014 hack, are still considered to be at large as of January.