North Korea hackers stole as much as $1.7bn to fuel nuclear programme in 2022, study finds

Arpan Rai

2 February 2023 at 7:14 am·2-min read

File: A man walks past a screen showing exchange rates of cryptocurrencies at an exchange in Seoul (AFP via Getty Images)

Cyber hackers backed by North Korea carried out a theft of $1.7bn (£1.4bn) of crypto in 2022, taking the previous record of cryptocurrency threat up by at least four times, according to a report by a blockchain analysis firm.

The past year was on record “the biggest year ever for crypto hacking”, Chainalysis said in its report.

Isolated in the global market and reeling under international sanctions, cybercriminals in North Korea are allegedly turning to crypto theft to aid its booming nuclear arsenal.

"For context, North Korea’s total exports in 2020 totalled $142m worth of goods, so it isn’t a stretch to say that cryptocurrency hacking is a sizable chunk of the nation’s economy," according to the report.

The theft by North Korean hackers accounts for 44 per cent of the $3.8bn cryptocurrency stolen in the past year, Chainalysis said.

3/ The vast majority of illicit value processed by mixers is made up of crypto stolen in hacks, most of which were carried out by groups linked to North Korea. They’re unlikely to be dissuaded by the threat of U.S. sanctions given they reside in a non-cooperative jurisdiction. pic.twitter.com/tZ6fVqMjog
— Chainalysis (@chainalysis) January 26, 2023

It added: “The vast majority of illicit value processed by mixers is made up of crypto stolen in hacks, most of which were carried out by groups linked to North Korea. They’re unlikely to be dissuaded by the threat of US sanctions given they reside in a non-cooperative jurisdiction.”

While October was marked as the biggest single month ever with most cryptocurrency hacking activity, the theft developments "ebbed and flowed" throughout the year with "huge spikes" recorded in March and October.

A total of 32 attacks were recorded in October in which $775.7m were stolen, the report said.

The hackers linked to North Korea such as those in the cybercriminal syndicate Lazarus Group have been by far the most prolific cryptocurrency hackers, and carried out a theft of an estimated $1.7 billion worth of in multiple attacks last year, the report said.

"In 2022, they shattered their own records for theft," it said.

Additionally, in a first, the US law enforcement seized $30m in stolen funds from North Korea-linked hackers last year.

Chainalysis has predicted that "these hacks will get harder and less fruitful with each passing year”.