North Korean Hackers Steal $2B of Crypto Since 2018: Report


courtesy of cointelegraph.com

Threats to the Cryptocurrency Ecosystem

North Korean hackers have once again demonstrated their ongoing threat to the cryptocurrency ecosystem, as they have reportedly stolen an estimated $2 billion of crypto over the past five years. Blockchain intelligence firm TRM Labs recently conducted an in-depth analysis of cryptocurrency-related hacking, specifically focusing on the activities of North Korean cybercriminals. The data from TRM Labs reveals that in 2023 alone, North Korea has stolen approximately $200 million of crypto, which accounts for 20% of all stolen funds this year.

Unprecedented Scale of Cyberattacks

The cyberattacks originating from North Korea are estimated to be ten times larger than attacks conducted by other malicious actors. In addition to this, hackers from the country have now set their sights on the decentralized finance (DeFi) ecosystem, targeting cross-chain bridges that facilitate a significant volume of cryptocurrency transfers.



Large-scale Cross-Chain Hacks

One notable example of these cross-chain hacks is the Axie Infinity Ronin Bridge hack, which resulted in $650 million of crypto being stolen. In total, North Korean hackers have collectively stolen around $800 million in three separate attacks in 2022 alone.

The Evolving Methods of Hackers

These cyberattacks employ various methods, including phishing and supply chain attacks that involve compromised private keys and seed phrases. TRM Labs also highlights how North Korean hackers have become more industrious with on-chain laundering methods. Previously, stolen cryptocurrency was cashed out through cryptocurrency exchanges, but this has now evolved into extremely complex "multi-stage money laundering processes."

Adapting to Sanctions and Law Enforcement

Hackers have adapted their methods in response to aggressive sanctions by the Office of Foreign Assets Control, law enforcement operations, and improved blockchain tracing tools. To illustrate these evolving tactics, TRM Labs explores the 2023 Atomic Wallet hack, in which hackers targeted noncustodial wallet provider Atomic Wallet and made off with $100 million of cryptocurrency from 4,100 addresses. The exploit was likely made possible through a phishing or supply chain attack.

Complex Laundering Techniques

The stolen funds were transferred to new wallets across various blockchains, including Ethereum, Tron, Bitcoin, XRP, Dogecoin, Stellar, and Litecoin. ERC-20 and TRC-20 tokens were then swapped for Ether (ETH) and Tron (TRX) using decentralized exchanges, before being laundered through a combination of automated programs, mixers, and cross-chain swaps.

Should Crypto Projects Negotiate with Hackers?

In light of these alarming cyberattacks, the question arises: Should crypto projects ever negotiate with hackers? This remains a controversial topic within the cryptocurrency community.