The Lazarus Group, a hacker organization linked to North Korea, has been responsible for crypto hacking incidents resulting in over $300 million in losses in 2023. This accounts for approximately 17.6% of the total losses incurred throughout the year.
According to a Fortune Magazine report, despite a decline in major crypto hacking incidents globally, North Korea has maintained its position as a significant actor in cybercrime.
Crypto Heists By Lazarus Group Exceed $1.9 Billion
For further context, the Lazarus Group has gained notoriety for its involvement in some of the largest cyberattacks, particularly in the cryptocurrency industry. Their activities date back to 2014, when they launched a cyberattack against Sony Pictures.
Since then, they have shifted their focus to targeting crypto protocols, successfully stealing billions of dollars. One prominent attack occurred in March 2022 when they stole $600 million from the Ronin Network, a bridge used by the popular Web3 game Axie Infinity.
In 2023, a Wall Street Journal investigation revealed that North Korean hackers had amassed over $3 billion from digital heists, with approximately 50% of these funds allegedly being used to finance the country’s ballistic missile program.
Per the report, from 2021 to 2023, approximately $1.9 billion was stolen from various crypto projects, with the Ronin Network hack being the largest exploit. In 2023 alone, Lazarus executed five successful attacks, including a $70 million theft from the Hong Kong-based crypto exchange CoinEx in September.
Blockchain analytics firm Elliptic discovered that some of the stolen funds were funneled through a crypto wallet address previously associated with Lazarus for money laundering purposes.
Digital Assets Hacks Plummet By Over 50%
Despite these alarming figures, 2023 has seen a decline in the overall amount of money stolen in digital asset hacks compared to previous years. According to TRM Labs, a blockchain analytics firm, the total stolen funds decreased by over 50%, while the number of attacks remained relatively stable.
This decline can be attributed to increased cybersecurity measures implemented within the industry and the heightened focus of law enforcement agencies. Additionally, the decline in prices may have reduced the profitability of such hacking activities.
Nevertheless, the Lazarus Group continues to pose a serious threat. In 2023, their strategy shifted towards targeting centralized finance (CeFi) platforms like CoinEx, rather than decentralized protocols. They also targeted users of the noncustodial crypto wallet Atomic and the online casino and betting platform Stake.com.
US Treasury Takes Aim At Crypto Exploits
Law enforcement agencies have taken steps to combat these activities by tracing stolen funds and disrupting crypto mixers, services that combine and redistribute digital assets and so make the funds harder to track.
As reported by Bitcoinist, the US Treasury Department sanctioned Tornado Cash, a popular mixing service, in August 2022, and indicted two of its founders for money laundering in September 2023. In November, the Treasury Department also sanctioned Sinbad.io, another mixer frequently used by Lazarus Group.
To further address digital exploits, the Treasury Department aims to expand its supervisory powers over the sector. During a crypto industry policy summit in late November, Deputy Secretary Wally Adeyemo proposed stricter know-your-customer (KYC) standards for decentralized platforms such as mixers and wallet providers.
Overall, while efforts to mitigate cyber threats in the crypto industry are ongoing, the persistence and evolving tactics of groups like Lazarus highlight the need for continued vigilance and proactive measures to safeguard the ecosystem.
Strengthening cybersecurity practices, enhancing regulatory oversight, and fostering international cooperation will play crucial roles in combating cryptocurrency-related cybercrime.