North Korean-backed hackers stole no less than $659 million by means of a number of cryptocurrency heists in 2024, whereas additionally deploying IT employees to infiltrate blockchain firms as insider threats, in response to Japan, South Korea, and the US in a uncommon joint assertion (PDF) on Tuesday.
The announcement supplied the primary official affirmation that North Korea was behind July’s $235 million hack of WazirX, India’s largest cryptocurrency trade. The July 2024 breach pressured WazirX to droop buying and selling and later restructure the agency.
Different main assaults included a $308 million theft from Japan’s DMM Bitcoin, $50 million every from Upbit and Radiant Capital, and $16.13 million from Rain Administration, in response to the joint assertion.
The assertion says the Lazarus Group, a identified risk group of North Korean hackers, carried out social engineering assaults and deployed cryptocurrency-stealing malware like TraderTraitor to breach exchanges, whereas additionally infiltrating firms by having North Korean IT employees pose as job candidates, in response to the assertion.
“The US, Japan, and the Republic of Korea advise non-public sector entities, significantly in blockchain and freelance work industries, to completely assessment these advisories and bulletins to raised inform cyber risk mitigation measures and mitigate the chance of inadvertently hiring DPRK IT employees,” the governments mentioned.
Earlier U.N. stories estimated that North Korea stole $3 billion in cryptocurrency between 2017 and 2023 to fund its sanctioned nuclear weapons packages. Current knowledge from Chainalysis confirmed North Korean hackers have been accountable for 61% of all cryptocurrency stolen in 2024, totaling $1.34 billion.
