North Korean-backed hackers stole at the very least $659 million via a number of cryptocurrency heists in 2024, whereas additionally deploying IT employees to infiltrate blockchain corporations as insider threats, in line with Japan, South Korea, and america in a uncommon joint assertion (PDF) on Tuesday.
The announcement supplied the primary official affirmation that North Korea was behind July’s $235 million hack of WazirX, India’s largest cryptocurrency trade. The July 2024 breach pressured WazirX to droop buying and selling and later restructure the agency.
Different main assaults included a $308 million theft from Japan’s DMM Bitcoin, $50 million every from Upbit and Radiant Capital, and $16.13 million from Rain Administration, in line with the joint assertion.
The assertion says the Lazarus Group, a recognized risk group of North Korean hackers, performed social engineering assaults and deployed cryptocurrency-stealing malware like TraderTraitor to breach exchanges, whereas additionally infiltrating corporations by having North Korean IT employees pose as job candidates, in line with the assertion.
“The US, Japan, and the Republic of Korea advise non-public sector entities, significantly in blockchain and freelance work industries, to totally evaluate these advisories and bulletins to raised inform cyber risk mitigation measures and mitigate the chance of inadvertently hiring DPRK IT employees,” the governments stated.
Earlier U.N. reviews estimated that North Korea stole $3 billion in cryptocurrency between 2017 and 2023 to fund its sanctioned nuclear weapons applications. Latest information from Chainalysis confirmed North Korean hackers had been accountable for 61% of all cryptocurrency stolen in 2024, totaling $1.34 billion.
