$1.3 billion gone in 2024: North Korean hackers have a record year

The crypto market is experiencing spectacular growth, attracting both legitimate investors and malicious actors eager to exploit its flaws. In 2024, cyberattacks carried out by hackers affiliated with North Korea accounted for a significant proportion of those losses. According to Chainalysis' annual report, these groups managed to steal more than $1.3 billion across 47 major incidents, a figure that represents more than half of the crypto thefts reported globally this year. This colossal sum illustrates the growing weight of these actors in the ecosystem, as well as the mounting challenges of securing blockchain infrastructure. By targeting both DeFi platforms and centralized services, these hackers are refining their tactics and exploiting vulnerabilities that call into question the resilience of the entire sector.


Ever more daring and lucrative attacks

The Chainalysis report, published on December 19, 2024, paints a grim picture of the activities of North Korean hackers. This year, they orchestrated 47 major incidents, with more than $1.3 billion in crypto stolen. This figure greatly exceeds that of 2023, when thefts amounted to $660 million. According to experts, this spectacular increase reflects a significant improvement in the hacking techniques used.

“Large attacks, which exceed $100 million, have been much more frequent in 2024,” the Chainalysis report states. This trend is explained by the hackers' increased ability to exploit vulnerabilities in DeFi systems as well as in centralized platforms. During the first quarter of the year, DeFi platforms were the main targets, largely because of vulnerabilities associated with complex protocols and smart contracts. Starting in the second quarter, however, cybercriminals redirected their efforts to centralized services. These, although deemed more secure, have also shown their limits in the face of sophisticated attacks. One of the most important examples remains the Indian exchange WazirX, the victim of a theft of $235 million after hackers compromised a multisignature wallet on Ethereum.

This change in targets, coupled with increasingly large amounts, illustrates the adaptability of North Korean hackers, but also the urgency for the crypto industry to strengthen its security measures in the face of ever more sophisticated threats.


The influence of international alliances on North Korean strategy

In the second half of 2024, hacking activities attributed to North Korean groups saw a marked slowdown. This trend, noted in the Chainalysis report, could indicate a major strategic change. Indeed, this period coincides with the strengthening of diplomatic and military ties between Pyongyang and Moscow, which could have allowed North Korea to diversify its sources of financing. “A clear drop after July 1, 2024 is observed, although other factors may have influenced this trend,” says Chainalysis. The report also cautions against drawing hasty conclusions.

This enhanced cooperation between North Korea and Russia could change Pyongyang's economic and operational priorities. However, experts warn that this slowdown does not mark the end of North Korean cyberattacks. Occasional opportunities, such as holiday periods, remain conducive to targeted offensives. For example, the BingX exchange suffered a theft of $44 million, illustrating that the threat persists despite the overall decline in activity. Additionally, unanticipated geopolitical events or economic pressures could prompt these groups to resume large-scale operations.

This strategic shift makes it all the more necessary for players in the crypto sector to adapt. A lower frequency of attacks should not mask the potential for a resurgence of these threats. In this context, the future calls for continued strengthening of security infrastructure and closer international cooperation to counter these sophisticated and unpredictable networks.

The rise of North Korean hackers sheds light on the growing security challenges in the crypto ecosystem. Despite efforts by crypto platforms to strengthen their defenses through in-depth audits and advanced technologies, the risk remains significant. This situation highlights the paramount importance of more effective international cooperation to counter these transnational threats. Even if North Korea were to reduce its dependence on crypto crime thanks to its strategic alliances, this would not guarantee a lull in cyberattacks. On the contrary, affiliated groups could adopt new tactics and diversify their targets, making the threat harder to anticipate and counter. In a context where evolving malicious strategies meet fragile digital infrastructure, the urgency of a coordinated response on a global scale has never been so obvious.
