North Korean Crypto Hackers Stole $1.7 Billion in 2022

Reading Time: 2 minutes
  • North Korean hackers stole $1.7 billion in cryptocurrencies last year, according to Chainalysis
  • The company revealed that this accounts for just under 50% of all crypto hacks
  • Chainalysis also revealed that North Korean actors have a new favorite Bitcoin mixer

North Korean hacking groups were responsible for $1.7 billion worth of thefts from the space last year, according to Chainalysis. The blockchain forensics firm releases its annual crime report this week, and in a teaser reveals that, of the $3.8 billion stolen from crypto projects, just under half was conducted by North Korean groups, making up a decent chunk of the country’s income. This news will add weight to concerns that sloppy security from amateur coders is directly fueling the rogue state and its aggressive geopolitical tactics.

Hacking Income Was Almost 10x North Korea’s Exports

Chainalysis found that North Korean-linked hackers broke their own records in 2022 with their $1.7 billion haul, a significant amount compared to North Korea’s total exports of just $142 million in 2020. This suggests that cryptocurrency hacking has become a significant part of the nation’s economy, rather than just a nice side-hustle.

Out of the $1.7 billion worth of cryptocurrency stolen, $1.1 billion was taken from DeFi protocols, making North Korea one of the key players in the rise of DeFi hacking in 2022. DeFi platforms are typically chosen because of the potential high yield and more lax security protocols, but they can be left with large amounts of illiquid tokens that are not traded on centralized exchanges. As a result, Chainalysis found, they are resorting more and more to using decentralized exchanges to convert the funds.

Sinbad is Hackers’ New Favorite Mixer

North Korean-linked hackers often transfer large amounts to mixers, a key component of their money laundering operations, with Chainalysis identifying Sinbad, a relatively new Bitcoin mixer that began advertising its services on the Bitcointalk forum in October 2022, as its replacement for Tornado Cash, which was sanctioned by the Office of Foreign Assets Control (OFAC) last August.

DeFi security, or the lack of it, is clearly presenting rogue states such as North Korea with a goldmine, but with funding often scarce at the start of a project, protecting from the kinds of state-sponsored hacking carried out by the likes of Lazarus is a far from easy task.