Crypto Theft by North Korean Hackers Drops in 2023 Despite Surge in Breaches — Chainalysis

North Korean Hackers affiliated with the Democratic People’s Republic of Korea (DPRK) reportedly stole less cryptocurrency in 2023, despite intensifying their efforts and widening their range of targets, as revealed by the latest report from blockchain analytics firm Chainalysis.

In 2022, crypto losses from exploits linked to North Korea reached a staggering $1.7 billion across 15 hacking incidents. However, the data for 2023 indicates a decline, with an estimated $1 billion stolen from 20 hacks. Surprisingly, even with an increase in the number of exploits, the value of their illicit gains did not surpass the previous year’s total.

Erin Plante, the vice president of investigations at Chainalysis, anticipates a continued evolution of hacks linked to North Korea, becoming more sophisticated and diverse. As decentralized finance (DeFi) protocols improved their security measures, North Korean hackers reportedly shifted their focus to centralized services and wallets.

In 2023, DPRK-linked hackers were observed favoring phishing and social engineering tactics. Plante highlighted the timeless nature of these methods and emphasized the importance of employee education and awareness as crucial components of a robust cybersecurity strategy. Plante stated:

“General security practices are an important foundation for a strong cybersecurity strategy, and organizations should ensure that every employee is vigilant and up to speed with the technical aspect of cyber defenses.”

Plante

Extended Network Infiltration:

Chainalysis noticed a pattern in DPRK-linked attacks, indicating that the hackers spent more time within networks. This underscores the necessity for enhanced network monitoring and security measures to detect and thwart intrusions promptly.

BREAKING: FBI says 🇰🇵 North Korea hackers 'Lazarus Group' are behind the theft of $43 million worth of crypto from Stake. com

— Coinwaft (@coinwaft) September 7, 2023

Plante recommended that DeFi protocols vulnerable to on-chain failures should implement monitoring systems for on-chain activities. Meanwhile, platforms susceptible to off-chain risks are advised to reduce their reliance on centralized products and services.

Despite facing obstacles such as improved security measures, Plante anticipates North Korean hackers to persist in seeking opportunities to steal significant funds. She emphasized their ability to rapidly adapt as doors close to them, portraying them as an advanced adversary in the realm of cybersecurity.

The ongoing evolution of tactics underscores the need for continuous vigilance and adaptation in the face of emerging threats.