Crypto thefts totaled $3.8 billion in 2022

North Korean hacking surge resulted in $1.7 billion in losses, Chainalysis report says

Thieves stole a record $3.8 billion worth of cryptocurrency in 2022, as sanctions on North Korea led to increased suspicions of hacks by the isolated country.

Overall crypto losses increased by stolen $3.3 billion in 2021, blockchain analytics firm Chainalysis said in a report released Wednesday.

According to the firm, hacking groups that US officials have linked to the North Korean government stole about $1.7 billion in 2022, up from about $400 million the previous year.

According to US officials, North Korean hackers are focusing more on the cryptocurrency business as a way to generate revenue in the face of international sanctions. Fraudsters have used a range of tactics, from impersonating non-North Koreans during job interviews to deploying ransomware, in order to generate revenue, researchers have found.

Anne Neuberger, US deputy national security adviser for cyber and emerging technologies, said in July that money stolen via hacking accounts for about a third of funding for Pyongyang’s weapons development programs.

Last week, the US Federal Bureau of Investigation accused two North Korean cybercrime groups of stealing $100 million in a heist in June last year at crypto service Harmony Bridge.

The Lazarus Group, a specialized hacking unit that the FBI says was associated with North Korea’s Reconnaissance General Office, also stole around $600 million in March from a blockchain network connected to Axie Infinity, a video game in which players can earn digital tokens, US officials said.

Investigators later said they had recovered $30 million that was stolen in the Axie Infinity heist, in what Chainalysis said was the first-ever seizure of stolen funds by hackers with ties to Korea. North.

“While hackers linked to North Korea are undoubtedly sophisticated and pose a significant threat to the cryptocurrency ecosystem, the ability of law enforcement and national security agencies to fight back is increasing,” wrote Chainalysis.

Following the takeover of Axie Infinity, “we expect more such stories in the coming years, largely due to the transparency of the blockchain. When every transaction is recorded in a public ledger, this means law enforcement always has a lead to follow, even years after the fact, which is invaluable as investigative techniques improve over time.”

The report revealed that the alleged North Korean groups relied heavily on “mixing” services, which allow users to mask their transactions, to launder stolen cryptocurrency. Hackers almost exclusively used Tornado Cash to launder digital money until the US Treasury Department sanctioned the service in August.

Of all the cryptocurrencies stolen last year, $3.1 billion was taken from decentralized finance, or DeFi, protocols, Chainalysis said. Attackers took advantage of hard-to-spot digital vulnerabilities in the DeFi infrastructure that underpins crypto projects, with a particular focus on bridge services.

Of the $3.1 billion stolen from DeFi services, 64% came from cross-chain bridges, which allow users to convert one cryptocurrency to another, Chainalysis observed.