WSJ Report Shows North Korea Stole Over $3 Billion In Crypto

The globally burgeoning threat of state-sponsored cybercrime has taken a new turn as North Korea’s latest actions grab international attention. An expose by the Wall Street Journal uncovers a scheme by the regime there to fund its ballistic missile program. They do this by stealing cryptocurrencies… yes, you heard that right. By cleverly posing as tech professionals or potential employers, North Korean operatives have amassed an alarming $3 billion through illicit digital heists in the past few years.

A high-profile incident in this saga involved blockchain gaming firm, Sky Mavis. North Korean infiltrators, under the guise of job recruiters, fooled an unsuspecting engineer. They did so by making the engineer download a document laced with a malicious Trojan virus. This maneuver gave the hackers unauthorized access to the company’s systems. This later led to a colossal theft of $600 million, a majority of which was pilfered from players of Sky Mavis’s popular game, Axie Infinity.

Blockchain analytics firm Chainalysis quantified the proceeds from North Korea’s cyber-thefts at over $3 billion. These proceeds were gathered only during the past five years. U.S. officials have raised alarms about this digital loot. Recently, U.S. officials went on the public to state that these actions finance roughly half of North Korea’s expenditure on its missile program.

North Korean Hackers Has Targeted Vulnerabilities In Crypto Since 2018

Since 2018, North Korea’s cyber criminals have conducted a series of high-profile crypto attacks. Simultaneously, the country’s missile launch attempts and successes have exponentially grown. Over 42 successful launches were recorded in 2022, as per the James Martin Center for Nonproliferation Studies.

Anne Neuberger made some comments regarding the situation.

“North Korea’s cyber operations have morphed into an indispensable revenue stream, providing about 50 percent of the foreign currency required to purchase foreign components for its ballistic missile program.”

Anne Neuberger, Deputy National Security Adviser for Cyber and Emerging Technology

This revelation underscores a dramatic increase from previous estimates that placed cyber-thefts as contributing one-third of the funding for these programs.

Officials report that North Korea has engineered an extensive global network of IT professionals. These IT professionals concurrently work in regular tech roles and partake in the regime’s cybercrime operations. Based in nations like Russia and China, these IT workers can earn over $300,000 a year. These individuals have been known to impersonate various roles. Until now, the most prominent roles they impersonate are IT professionals, government officials, and independent blockchain developers.

North Korea has adopted a strategic approach to infiltrate crypto firms. They are utilizing Western “front people”—individuals hired to sit through job interviews and conceal the actual identity of North Korean recruits. These deceptive agents then carry out subtle changes in the products, making them vulnerable to hacking attempts.

North Korea Is Known For Cyberattacks Worldwide

Former FBI analyst and blockchain tracing firm TRM Labs’ employee, Nick Carlsen, equated North Korea to a “contemporary pirate state.” He claims that the country also indulges in ransomware attacks on U.S. hospitals to generate funds. Carlsen emphasized that the task of identifying and neutralizing these camouflaged IT workers poses a continual problem for the cryptocurrency sector.

While North Korea’s approach to cyber warfare is unique in its focus on theft to circumvent international sanctions, the state’s history of cybercrime includes multiple large-scale digital heists. For instance, in 2016, hackers linked to North Korea pulled off an $81 million theft from the central bank of Bangladesh. This was part of an attempted $1 billion cyber heist.

The sophistication of recent attacks indicates a substantial improvement in North Korea’s hacking capabilities. One notable incident this year involved a cascading supply-chain attack. Hackers associated with North Korea successfully infiltrated software makers one by one, corrupting their products to gain access to the computer systems of their clients.

“It’s an arms race with these hackers,” voiced Sky Mavis’s Chief Operating Officer Aleksander Larsen, echoing the sentiment of cybersecurity professionals worldwide. The continuous evolution of North Korea’s cybercrime strategies underscores the urgency for robust security solutions and a unified global response. The international community must grapple with the reality of these digital transgressions and their implications for geopolitical stability.