The crypto industry suffered $3 billion in losses from hacks linked to Pyongyang. Half of that sum went to financing a ballistic missile program, writes The Wall Street Journal.
\n\n\n\n
Cybercriminals employed various schemes, including social engineering.
\n\n\n\n
One of the victims was Sky Mavis, known for the game Axie Infinity. On March 23, 2022, as a result of the attack on the sidechain, the project lost user crypto assets worth about $625 million.
\n\n\n\n
A software engineer working at the startup, reached via LinkedIn, received an offer from a recruiter to discuss his career prospects. During the interview he was asked to view a document that acted as a Trojan horse and allowed hackers to access the company’s systems. As a result, the theft left the project on the brink of closure.
\n\n\n\n
The incident drew the attention of the White House.
\n\n\n\n
\”This has prompted us to focus all efforts on countering this activity\”, Anne Neuberger, Deputy National Security Advisor for Cybersecurity and Emerging Technologies, said.
\n\n\n\n
According to the official, Pyongyang finances roughly half of the missile program from proceeds of cyber operations. Previously, that share did not exceed a third.
\n\n\n\n
US authorities say that for these purposes North Korea has formed a ‘shadow’ army of thousands of IT specialists in countries around the world, who can earn up to $300,000 a year.
\n\n\n\n
TRM Labs analyst Nick Carlson said it all began with ‘piratical forays’—infecting computers of various government agencies and organisations with ransom demands.
\n\n\n\n
Subsequently, the hackers sharpened their skills and moved on to larger and more sophisticated operations, such as the Bangladesh Bank’s $81 million theft in a bid to seize $1 billion, which was thwarted by specialists at the FRB of New York.
\n\n\n\n
Since 2018, North Korean actors have focused on the crypto industry.
\n\n\n\n
\’From the outset they were among the most \”advanced\” users of digital assets\’, said Erin Plante, Chainalysis’s Vice President of Investigations.
\n\n\n\n
According to Sky Mavis CFO Alexander Larsen, the ‘arms race’ with North Korean hackers has only begun.
\n\n\n\n
According to the UN, in 2022 North Korean hackers stole a record amount of cryptocurrency and targeted networks of foreign aerospace and defence companies.
\n\n\n\n
South Korea estimates the damage at $630 million, while cybersecurity specialists put it at more than $1 billion. Meanwhile, Chainalysis analysts say about $1.7 billion in cryptocurrency proceeds from the cyberattacks.
\n\n\n\n
The UN has repeatedly warned that North Korea continues to develop its nuclear program, with money from attacks on Bitcoin exchanges becoming a key funding source. In 2019, UN sanctions monitors reported that North Korea had obtained around $2 billion for these purposes over several years.